04/08/20231

Analysis on maliciousness for mobile applications

Seung-Hyun Seo, Dong-Guen Lee.Internet Incidents Response Division

Korea Internet & Security Agency Seoul, South Korea. 2012 IEEE

Reporter: Chi-Wei, Chien （簡綺葳）

04/08/20232

Introduction

Threat Types of Mobile Malware

Detection Framework of Malicious Android

Applications

The Experiment Results

Conclusions

Outline

04/08/20233

As the Android without any code review or security checks,

hackers can easily distribute their malicious applications.

Previous studies were based on a permission analysis

approach or static analysis approach to determine malicious

behavior. they didn't provide methods to automatically

collect Android apps in the Android market.

Introduction

04/08/20234

Information Leakage

Monetary Loss

Restricted device usage

Mobile DDoS

Threat Types of Mobile Malware

04/08/20235

App Collection Phase

Static Analysis Phase

Dynamic Analysis Phase

Detection Framework of Malicious Android Applications

04/08/20236

04/08/20237

The Experiment Results

Simple static analysis cannot find distinct

differences between malicious apps and normal

chatting and security apps.

The analyses of 1,014 apps collected found 19

suspicious apps that might be malicious as they

behaved following the malicious behavior patterns

defined here.

04/08/20238

04/08/20239

04/08/202310

In this paper, we proposed a framework for detecting malicious Android apps using automatic app collection and analysis features.

The proposed framework features not only the analysis of malicious behavior but also monitoring and detection of malicious apps in the market.

Conclusions