Scribd
Upload
27 views1 page

Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks

This paper evaluates the effectiveness of 10 popular commercial Android anti-malware products against common obfuscation techniques used by mobile malware, finding that none of the anti-malware tools were resistant to basic malware transformations and the majority could be easily defeated with slight modifications to known malware. The paper uses a systematic framework called Droid Chameleon that applies various transformation techniques to test the anti-malware products, and proposes potential remedies for improving malware detection on mobile devices based on the results.

Uploaded by

Sengottu Velu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
27 views1 page

Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks

This paper evaluates the effectiveness of 10 popular commercial Android anti-malware products against common obfuscation techniques used by mobile malware, finding that none of the anti-malware tools were resistant to basic malware transformations and the majority could be easily defeated with slight modifications to known malware. The paper uses a systematic framework called Droid Chameleon that applies various transformation techniques to test the anti-malware products, and proposes potential remedies for improving malware detection on mobile devices based on the results.

Uploaded by

Sengottu Velu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 1

Catch Me if You Can: Evaluating

Android
Anti-malware against
Transformation Attacks

Mobile malware threats (e.g., on Android) have recently become a real concern. In

this paper, we evaluate the state-of-the-art commercial mobile anti-malware

products for Android and test how resistant they are against various common

obfuscation techniques (even with known malware). Such an evaluation is

important for not only measuring the available defense against mobile malware

threats but also proposing effective, next-generation solutions. The model is Droid

Chameleon, a systematic framework with various transformation techniques,

and used it for our study. The results on ten popular commercial anti-malware

applications for Android are worrisome: none of these tools is resistant against

common malware transformation techniques. Moreover, a majority of them can be

trivially defeated by applying slight transformation over known malware with little

effort for malware authors. Finally, in the light of our results, we propose possible

remedies for improving the current state of malware detection on mobile devices.

You might also like