Evaluation of Android Dalvik virtual machine

Oh, Hyeong-Seok; Kim, Beom-Jun; Choi, Hyun-Kyu; Moon, Soo-Mook

doi:10.1145/2388936.2388956

Cited by 33 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In Android operating system, ART (Android Runtime) or Dalvik Virtual Machine (DVM) is responsible for handling the opcodes in the form of dex (dalvik executable format) file format [18] [19]. Android programs are written in java or kotlin language and then compiled to a 'dex' (dalvik executable format) file [19].…”

Section: A Extraction Of Opcodes Subsequences From An Android Applica...mentioning

confidence: 99%

On Impact of Semantically Similar Apps in Android Malware Datasets

Surendran¹

2021

Preprint

View full text Add to dashboard Cite

Malware authors reuse the same program segments found in other applications for performing the similar kind of malicious activities such as information stealing, sending SMS and so on. Hence, there may exist several semantically similar malware samples in a family/dataset. Many researchers unaware about these semantically similar apps and use their features in their ML models for evaluation. Hence, the performance measures might be seriously affected by these similar kinds of apps. In this paper, we study the impact of semantically similar applications in the performance measures of ML based Android malware detectors. For this, we propose a novel opcode subsequence based malware clustering algorithm to identify the semantically similar malware and goodware apps. For studying the impact of semantically similar apps in the performance measures, we tested the performance of distinct ML models based on API call and permission features of malware and goodware application with/without semantically similar apps. In our experimentation with Drebin dataset, we found that, after removing the exact duplicate apps from the dataset ( = 0) the malware detection rate (TPR) of API call based ML models is dropped from 0.95 to 0.91 and permission based model is dropped from 0.94 to 0.90. In order to overcome this issue, we advise the research community to use our clustering algorithm to get rid of semantically similar apps before evaluating their malware detection mechanism.

show abstract

Section: A Extraction Of Opcodes Subsequences From An Android Applica...mentioning

confidence: 99%

On Impact of Semantically Similar Apps in Android Malware Datasets

Surendran¹

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Among all this information, we focus on the DEX file ( Figure 2) because it provides interesting features related to the target application [34,35].…”

Section: How To Retrieve Sensitive Informationmentioning

confidence: 99%

The Dangers of Rooting: Data Leakage Detection in Android Applications

Casati

Visconti

2018

Mobile Information Systems

View full text Add to dashboard Cite

Mobile devices are widely spread all over the world, and Android is the most popular operative system in use. According to Kaspersky Lab's threat statistic (June 2017), many users are tempted to root their mobile devices to get an unrestricted access to the file system, to install different versions of the operating system, to improve performance, and so on. e result is that unintended data leakage flaws may exist. In this paper, we (i) analyze the security issues of several applications considered relevant in terms of handling user sensitive information, for example, financial, social, and communication applications, showing that 51.6% of the tested applications suffer at least of an issue and (ii) show how an attacker might retrieve a user access token stored inside the device thus exposing users to a possible identity violation. Notice that such a token, and a number of other sensitive information, can be stolen by malicious users through a man-in-the-middle (MITM) attack.

show abstract

“…Previous attempts to make Android amenable to real-time include the work of Maia et al who proposed four different architectures [16,17,19,22,26] that enforce a strict separation between real-time and non-real-time apps. Kang et al [12] and Ruiz et al [27] implemented such separation in the standard Linux kernel, assigning one or more cores for real-time tasks and isolating those cores from the rest of the system.…”

Section: Related Workmentioning

confidence: 99%

Can Android Run on Time? Extending and Measuring the Android Platform's Timeliness

Yan

Gokul

Dantu

et al. 2018

ACM Trans. Embed. Comput. Syst.

View full text Add to dashboard Cite

Time predictability is difficult to achieve in the complex, layered execution environments that are common in modern embedded devices such as smartphones. We explore adopting the Android programming model for a range of embedded applications that extends beyond mobile devices, under the constraint that changes to widely used libraries should be minimized. The challenges we explore include the interplay between real-time activities and the rest of the system, how to express the timeliness requirements of components, and how well those requirements can be met on stock embedded platforms. We detail the design and implementation of our modifications to the Android framework along with a real-time VM and OS, and we provide experimental data validating feasibility over five applications.

show abstract

Evaluation of Android Dalvik virtual machine

Cited by 33 publications

References 7 publications

On Impact of Semantically Similar Apps in Android Malware Datasets

On Impact of Semantically Similar Apps in Android Malware Datasets

The Dangers of Rooting: Data Leakage Detection in Android Applications

Can Android Run on Time? Extending and Measuring the Android Platform's Timeliness

Contact Info

Product

Resources

About