Detect malware in Android firmware based on distributed network environment

HIEN DO
9:36 09/10/2019

The Android operating system consistently holds the largest market share among mobile operating systems. Security analysis of Android usually focuses on applications (APK files) installed on the phone. Few studies analyze Android firmware, especially customized Android firmware. In this study, we propose a model for analyzing Android firmware using a distributed model. The proposed system can be deployed on a distributed network system, which allows multiple Android firmware analysis requests to be handled at the same time. Experimental results show that the proposed system performs better than the single-node model. In addition, we discovered many instances of malware in preinstalled applications in custom Android firmware in the wild.
