LimonDroid: a system coupling three signature-based schemes for profiling Android malware

Tchakounté, Franklin; Ngassi, Roger Corneille Ndjeumou; Kamla, Vivient Corneille; Udagepola, Kalum Priyanath

doi:10.1007/s42044-020-00068-w

Cited by 16 publications

(9 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Tchakounté et al [ 47 ] developed an analysis tool called LimonDroid to identify malicious characters in Android apps. Using Yet Another Recursive/Ridiculous Acronym (YARA) [ 32 ] rules, this tool exposed malicious characters of Metasploit, Fake Apps, LeadBolt, Ransomware, RuMMS, Viking Horde, and XBot in scanned applications.…”

Section: Security Solutions Against Mobile Malware and Threatsmentioning

confidence: 99%

The current state and future of mobile security in the light of the recent mobile security threat reports

Çınar

Kara

2023

Multimed Tools Appl

View full text Add to dashboard Cite

Section: Security Solutions Against Mobile Malware and Threatsmentioning

confidence: 99%

The current state and future of mobile security in the light of the recent mobile security threat reports

Çınar

Kara

2023

Multimed Tools Appl

View full text Add to dashboard Cite

“…3 presents the three main categories of Android malware detection techniques, the first category is logic-based techniques ( Lee et al, 2014 ; Zhang, She & Qian, 2015a ), based on hard-coded safe lists and predefined alarms stored in text files or a small database like Amamra ( Amamra, Robert & Talhi, 2015 ). The second category is signature based malware detection techniques ( Niazi et al, 2015 ; Tchakounté et al, 2021 ), it based the malware detection on comparing the suspicious application with malware application signature. The third category of Android malware detection uses machine learning (ML) classification algorithms to classify the application as benign or malware ( Afonso et al, 2015 ; Alzaylaee, Yerima & Sezer, 2016 ; Amamra, Robert & Talhi, 2015 ; Baskaran & Ralescu, 2016 ; Canfora et al, 2016 ; Canfora et al, 2015c ; Castellanos et al, 2016 ; Faruki et al, 2015a ; Feizollah et al, 2015 ; Fratantonio et al, 2016 ; Kurniawan, Rosmansyah & Dabarsyah, 2015 ; Lei et al, 2015 ; Lindorfer, Neugschwandtner & Platzer, 2015 ; Lopez & Cadavid, 2016 ; Meng et al, 2016 ; Nissim et al, 2016 ; Spreitzenbarth et al, 2015 ; Spreitzer et al, 2016 ; Wang & Wu, 2015 ; Wu et al, 2016 ; Xu et al, 2016 ; Yerima, Sezer & Muttik, 2014 ; Yuan, Lu & Xue, 2016 ; Zhang, Breitinger & Baggili, 2016 ).…”

Section: Evasion Techniquesmentioning

confidence: 99%

“…This model has limitations where each of the new malware family variants needs a different signature. LimonDroid ( Tchakounté et al, 2021 ) proposed a signature-based database of Android malware signature based on fuzzy hashing technique. It builds a signature database for literature purposes rather than a malware detection framework.…”

Section: Evasion Techniquesmentioning

confidence: 99%

The rise of obfuscated Android malware and impacts on detection methods

Elsersy¹,

Feizollah²,

Anuar³

2022

PeerJ Computer Science

View full text Add to dashboard Cite

The various application markets are facing an exponential growth of Android malware. Every day, thousands of new Android malware applications emerge. Android malware hackers adopt reverse engineering and repackage benign applications with their malicious code. Therefore, Android applications developers tend to use state-of-the-art obfuscation techniques to mitigate the risk of application plagiarism. The malware authors adopt the obfuscation and transformation techniques to defeat the anti-malware detections, which this paper refers to as evasions. Malware authors use obfuscation techniques to generate new malware variants from the same malicious code. The concern of encountering difficulties in malware reverse engineering motivates researchers to secure the source code of benign Android applications using evasion techniques. This study reviews the state-of-the-art evasion tools and techniques. The study criticizes the existing research gap of detection in the latest Android malware detection frameworks and challenges the classification performance against various evasion techniques. The study concludes the research gaps in evaluating the current Android malware detection framework robustness against state-of-the-art evasion techniques. The study concludes the recent Android malware detection-related issues and lessons learned which require researchers’ attention in the future.

show abstract

“…This limitation is overcome in dynamic analysis [13], by scrutinizing data flows involved during runtime, which are helpful to identify malicious paths. Hybrid analysis [49,50] takes advantage of compromise between static and dynamic analysis and switch from one to another based on contexts. Unlike these works, we are about looking for reviews to evaluate and improve security-related health of apps on Google Play.…”

Section: Security Of Android Appsmentioning

confidence: 99%

CIAA-RepDroid: A Fine-Grained and Probabilistic Reputation Scheme for Android Apps Based on Sentiment Analysis of Reviews

et al. 2020

Self Cite

View full text Add to dashboard Cite

To keep its business reliable, Google is concerned to ensure the quality of apps on the store. One crucial aspect concerning quality is security. Security is achieved through Google Play protect and anti-malware solutions. However, they are not totally efficient since they rely on application features and application execution threads. Google provides additional elements to enable consumers to collectively evaluate applications providing their experiences via reviews or showing their satisfaction through rating. The latter is more informal and hides details of rating whereas the former is textually expressive but requires further processing to understand opinions behind it. Literature lacks approaches which mine reviews through sentiment analysis to extract useful information to improve the security aspects of provided applications. This work goes in this direction and in a fine-grained way, investigates in terms of confidentiality, integrity, availability, and authentication (CIAA). While assuming that reviews are reliable and not fake, the proposed approach determines review polarities based on CIAA-related keywords. We rely on the popular classifier Naive Bayes to classify reviews into positive, negative, and neutral sentiment. We then provide an aggregation model to fusion different polarities to obtain application global and CIAA reputations. Quantitative experiments have been conducted on 13 applications including e-banking, live messaging and anti-malware apps with a total of 1050 security-related reviews and 7,835,322 functionality-related reviews. Results show that 23% of applications (03 apps) have a reputation greater than 0.5 with an accent on integrity, authentication, and availability, while the remaining 77% has a polarity under 0.5. Developers should make a lot of effort in security while developing codes and that more efforts should be made to improve confidentiality reputation. Results also show that applications with good functionality-related reputation generally offer a bad security-related reputation. This situation means that even if the number of security reviews is low, it does not mean that the security aspect is not a consumer preoccupation. Unlike, developers put much more time to test whether applications work without errors even if they include possible security vulnerabilities. A quantitative comparison against well-known rating systems reveals the effectiveness and robustness of CIAA-RepDroid to repute apps in terms of security. CIAA-RepDroid can be associated with existing rating solutions to recommend developers exact CIAA aspects to improve within source codes.

show abstract

LimonDroid: a system coupling three signature-based schemes for profiling Android malware

Cited by 16 publications

References 33 publications

The current state and future of mobile security in the light of the recent mobile security threat reports

The current state and future of mobile security in the light of the recent mobile security threat reports

The rise of obfuscated Android malware and impacts on detection methods

CIAA-RepDroid: A Fine-Grained and Probabilistic Reputation Scheme for Android Apps Based on Sentiment Analysis of Reviews

Contact Info

Product

Resources

About