Abstract
Android is one of the most widely used operating systems among mobile device users worldwide, and it is often the most targeted platform for malicious activities. Many researchers have studied Android malware detection systems over the previous years, but these systems face many challenges, and obfuscation is one of them. String encryption is one such obfuscation technique, and it helps Android malware evade detection systems. To address this challenge, this study proposes a novel approach in which crypto-detector, an open-source cryptography detection tool, is run on decompiled application code to extract encrypted strings and encryption methods as features. The performance evaluation achieved an accuracy of 0.9880 and an F1-score of 0.9843. The importance of the newly proposed crypto features is discussed. The performance of our framework is compared with that of other similar existing works, and our work outperformed all of them.
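An added example, not the authors' pipeline and not crypto-detector itself, showing the kind of static crypto features the abstract describes: crypto API call sites, algorithm names, and string literals that look encrypted, extracted from decompiled Java source. The API list, the regular expressions, the entropy threshold and the sample class are assumptions constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample standing in for one decompiled class (not from the paper's dataset).
SAMPLE_SOURCE = '''
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class Loader {
    private static final String TAG = "Loader";
    private static final String BLOB = "q1Zx8Jk2LmP0sT7vYw3RbA9cDeFgHiU4nO5pQ6rS+/E=";
    String run(byte[] k) throws Exception {
        Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(k, "AES"));
        return new String(c.doFinal(android.util.Base64.decode(BLOB, 0)));
    }
}
'''

# Assumed list of Java crypto entry points worth counting as features.
CRYPTO_APIS = ("Cipher.getInstance", "SecretKeySpec", "MessageDigest.getInstance",
               "Mac.getInstance", "KeyGenerator.getInstance")
ALGO_RE = re.compile(r'getInstance\(\s*"([A-Za-z0-9\-]+)')   # algorithm name argument
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')               # Java string literals
# Base64-looking or hex-looking literal, long enough to be ciphertext.
ENCODED_RE = re.compile(r'^(?:[A-Za-z0-9+/]{16,}={0,2}|[0-9a-fA-F]{32,})$')

def shannon_entropy(s):
    """Bits per character of the literal's character distribution."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def looks_encrypted(literal, min_entropy=4.0):
    """Encoded shape AND high entropy; the entropy test rejects 'AES/ECB/PKCS5Padding'."""
    return bool(ENCODED_RE.match(literal)) and shannon_entropy(literal) >= min_entropy

def extract_crypto_features(source):
    """Return crypto call counts, algorithm names and suspected encrypted strings."""
    calls = {api: len(re.findall(re.escape(api) + r"\s*\(", source)) for api in CRYPTO_APIS}
    return {
        "api_calls": {api: n for api, n in calls.items() if n},
        "algorithms": sorted(set(ALGO_RE.findall(source))),
        "encrypted_strings": [s for s in STRING_RE.findall(source) if looks_encrypted(s)],
    }

def to_vector(features):
    """Flatten to numeric columns a classifier can consume."""
    return [sum(features["api_calls"].values()), len(features["algorithms"]),
            len(features["encrypted_strings"])]
```

The transformation string passed to `Cipher.getInstance` has the same character set as Base64, so a shape check alone would misreport it; the entropy threshold is what separates it from the ciphertext literal.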
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Bhakta, D., Yousuf, M.A., Rana, M.S. (2023). Android Malware Detection Against String Encryption Based Obfuscation. In: Kumar, S., Sharma, H., Balachandran, K., Kim, J.H., Bansal, J.C. (eds) Third Congress on Intelligent Systems. CIS 2022. Lecture Notes in Networks and Systems, vol 613. Springer, Singapore. https://doi.org/10.1007/978-981-19-9379-4_39
DOI: https://doi.org/10.1007/978-981-19-9379-4_39
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-9378-7
Online ISBN: 978-981-19-9379-4
eBook Packages: Intelligent Technologies and Robotics (R0)