DroidClone: Attack of the android malware clones - a step towards stopping them

Alam, Shahid; Soğukpınar, İbrahim

doi:10.2298/csis200330035a

Cited by 2 publications

(2 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…ImageStruct 63 and a similar work DroidEagle 64 leverage the similarity of images and UI layout to detect potential clones and repacked malware in Android apps. DroidClone 65 rely on the structure and reusing of code segments to detect repackaged apps and clones of Android malware. Singh et al employ a multi-view machine learning-based technique to detect repacked Android malware 66 and report up to 97.46% accuracy using 15,297 malware samples.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems

Rafiq

Aslam

Aleem

et al. 2022

Sci Rep

View full text Add to dashboard Cite

Due to the widespread usage of Android smartphones in the present era, Android malware has become a grave security concern. The research community relies on publicly available datasets to keep pace with evolving malware. However, a plethora of apps in those datasets are mere clones of previously identified malware. The reason is that instead of creating novel versions, malware authors generally repack existing malicious applications to create malware clones with minimal effort and expense. This paper investigates three benchmark Android malware datasets to quantify repacked malware using package names-based similarity. We consider 5560 apps from the Drebin dataset, 24,533 apps from the AMD and 695,470 apps from the AndroZoo dataset for analysis. Our analysis reveals that 52.3% apps in Drebin, 29.8% apps in the AMD and 42.3% apps in the AndroZoo dataset are repacked malware. Furthermore, we present AndroMalPack, an Android malware detector trained on clones-free datasets and optimized using Nature-inspired algorithms. Although trained on a reduced version of datasets, AndroMalPack classifies novel and repacked malware with a remarkable detection accuracy of up to 98.2% and meagre false-positive rates. Finally, we publish a dataset of cloned apps in Drebin, AMD, and AndrooZoo to foster research in the repacked malware analysis domain.

show abstract

Section: Related Workmentioning

confidence: 99%

“…As a result, they detected up to 92% of the repacked apps in the dataset. Alam et al 70 proposed DroidClone to address the problem of clones in Android malware. DroidClone employs MAIL , a novel language to identify control flow patterns in the program.…”

Section: Related Workmentioning

confidence: 99%

AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems

Rafiq

Aslam

Aleem

et al. 2022

Sci Rep

View full text Add to dashboard Cite

show abstract

Evolution of Malware in the Digital Transformation Age

Alam

2021

Handbook of Research on Advancing Cybersecurity for Digital Transformation

View full text Add to dashboard Cite

As corporations are stepping into the new digital transformation age and adopting leading-edge technologies such as cloud, mobile, and big data, it becomes crucial for them to contemplate the risks and rewards of this adoption. At the same time, the new wave of malware attacks is posing a severe impediment in implementing these technologies. This chapter discusses some of the complications, challenges, and issues plaguing current malware analysis and detection techniques. Some of the key challenges discussed are automation, native code, obfuscations, morphing, and anti-reverse engineering. Solutions and recommendations are provided to solve some of these challenges. To stimulate further research in this thriving area, the authors highlight some promising future research directions. The authors believe that this chapter provides an auspicious basis for future researchers who intend to know more about the evolution of malware and will act as a motivation for enhancing the current and developing the new techniques for malware analysis and detection.

show abstract

DroidClone: Attack of the android malware clones - a step towards stopping them

Cited by 2 publications

References 31 publications

AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems

AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems

Evolution of Malware in the Digital Transformation Age

Contact Info

Product

Resources

About