The rise of obfuscated Android malware and impacts on detection methods.

Authors

Elsersy Wael F, Feizollah Ali, Anuar Nor Badrul

Affiliation

Department of Computer System and Technology/Faculty of Computer Science and Information Technology, Universiti Malaya, Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur, Malaysia.

Publication

PeerJ Comput Sci. 2022 Mar 9;8:e907. doi: 10.7717/peerj-cs.907. eCollection 2022.

DOI:10.7717/peerj-cs.907
PMID:35494876
Full text: https://pmc.ncbi.nlm.nih.gov/articles/PMC9044361/
Abstract

The various application markets are facing an exponential growth of Android malware. Every day, thousands of new Android malware applications emerge. Android malware hackers adopt reverse engineering and repackage benign applications with their malicious code. Therefore, Android application developers tend to use state-of-the-art obfuscation techniques to mitigate the risk of application plagiarism. Malware authors adopt obfuscation and transformation techniques, which this paper refers to as evasions, to defeat anti-malware detection. Malware authors use obfuscation techniques to generate new malware variants from the same malicious code. The concern of encountering difficulties in malware reverse engineering motivates researchers to secure the source code of benign Android applications using evasion techniques. This study reviews the state-of-the-art evasion tools and techniques. The study criticizes the existing detection research gap in the latest Android malware detection frameworks and challenges their classification performance against various evasion techniques. The study summarizes the research gaps in evaluating the robustness of current Android malware detection frameworks against state-of-the-art evasion techniques. The study concludes with the recent Android malware detection-related issues and lessons learned that require researchers' attention in the future.
