Evaluation of Survivability of the Automatically Obfuscated Android Malware

Himanshu Patel; Deep Patel; Jaspreet Ahluwalia; Vaishali Kapoor; Karthik Narasimhan; Harmanpreet Singh; Harmanjot Kaur; Gadi Harshitha Reddy; Sai Sushma Peruboina; Sergey Butakov

doi:10.3390/app12104969

Applied Sciences (May 2022)

Evaluation of Survivability of the Automatically Obfuscated Android Malware

Himanshu Patel,
Deep Patel,
Jaspreet Ahluwalia,
Vaishali Kapoor,
Karthik Narasimhan,
Harmanpreet Singh,
Harmanjot Kaur,
Gadi Harshitha Reddy,
Sai Sushma Peruboina,
Sergey Butakov

Affiliations

Himanshu Patel: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Deep Patel: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Jaspreet Ahluwalia: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Vaishali Kapoor: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Karthik Narasimhan: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Harmanpreet Singh: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Harmanjot Kaur: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Gadi Harshitha Reddy: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Sai Sushma Peruboina: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada
Sergey Butakov: Information Systems Security and Assurance Management, Concordia University of Edmonton, Edmonton, AB T5B 4E4, Canada

DOI: https://doi.org/10.3390/app12104969
Journal volume & issue: Vol. 12, no. 10
p. 4969

Abstract

Read online

Malware is a growing threat to all mobile platforms and hundreds of new malicious applications are being detected every day. At the same time, the development of automated software obfuscation techniques allows for the easy production of new malware variants even by attackers with entry-level programming skills. Such obfuscation techniques can evade the signature-based mechanism implemented in current antimalware technology. This paper presents the results of a study that examined how automated obfuscation techniques affect malicious and benign applications by two widely used malware detection approaches, namely static and dynamic analyses. The research explored 5000 samples of malware and benign programs and evaluated the impact of automated obfuscation on Android applications. The experimental results indicated that (1) up to 73% of the reviewed applications “survived” the automated obfuscation; (2) automated obfuscation reduced the detection ratio to 65–85% depending on the obfuscation method used. These findings call for a more active use of advanced malware detection methods in commonly used antivirus platforms.

Published in Applied Sciences

ISSN: 2076-3417 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Engineering (General). Civil engineering (General); Science: Biology (General); Science: Physics; Science: Chemistry
Website: http://www.mdpi.com/journal/applsci

About the journal

Abstract

Keywords