An Android Application Sandbox system for suspicious software detection
- 1 October 2010
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Smartphones are steadily gaining popularity, creating new application areas as their capabilities increase in terms of computational power, sensors and communication. Emerging new features of mobile devices give opportunity to new threats. Android is one of the newer operating systems targeting smartphones. While being based on a Linux kernel, Android has unique properties and specific limitations due to its mobile nature. This makes it harder to detect and react upon malware attacks if using conventional techniques. In this paper, we propose an Android Application Sandbox (AASandbox) which is able to perform both static and dynamic analysis on Android programs to automatically detect suspicious applications. Static analysis scans the software for malicious patterns without installing it. Dynamic analysis executes the application in a fully isolated environment, i.e. sandbox, which intervenes and logs low-level interactions with the system for further analysis. Both the sandbox and the detection algorithms can be deployed in the cloud, providing a fast and distributed detection of suspicious software in a mobile software store akin to Google's Android Market. Additionally, AASandbox might be used to improve the efficiency of classical anti-virus applications available for the Android operating system.
This publication has 14 references indexed in Scilit:
- ADSandbox. Published by Association for Computing Machinery (ACM), 2010
- Smartphone malware evolution revisited: Android next target? Published by Institute of Electrical and Electronics Engineers (IEEE), 2009
- Detecting Symbian OS malware through static function call analysis. Published by Institute of Electrical and Electronics Engineers (IEEE), 2009
- Static Analysis of Executables for Collaborative Malware Detection on Android. Published by Institute of Electrical and Electronics Engineers (IEEE), 2009
- Understanding Android Security. IEEE Security & Privacy, 2009
- Is It Finally Time to Worry about Mobile Malware? Computer, 2008
- Limits of Static Analysis for Malware Detection. Published by Institute of Electrical and Electronics Engineers (IEEE), 2007
- Low-Level Library Analysis and Summarization. Published by Springer Nature, 2007
- Toward Automated Dynamic Malware Analysis Using CWSandbox. IEEE Security & Privacy, 2007
- A methodology to detect and characterize kernel level rootkit exploits involving redirection of the system call table. Published by Institute of Electrical and Electronics Engineers (IEEE), 2004