AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware

Md Omar Faruque Khan Russel; Sheikh Shah Mohammad Motiur Rahman; Mamoun Alazab

doi:10.1007/978-3-030-57024-8_8

AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware

Md Omar Faruque Khan Russel, Sheikh Shah Mohammad Motiur Rahman, Mamoun Alazab

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

Abstract

This paper represents a static analysis based research of android’s feature in obfuscated android malware. Android smartphone’s security and privacy of personal information remain threatened because of android based device popularity. It has become a challenging and diverse area to research in information security. Though malware researchers can detect already identified malware, they can not detect many obfuscated malware. Because, malware attackers use different obfuscation techniques, as a result many anti malware engines can not detect obfuscated malware applications. Therefore, it is necessary to identify the obfuscated malware pattern made by attackers. A large-scale investigation has been performed in this paper by developing python scripts, named it AndroShow, to extract pattern of permission, app component, filtered intent, API call and system call from an obfuscated malware dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form have been found and stored in a Comma Separated Values (CSV) file which will be the base of detecting the obfuscated malware in future.

Original language	English
Title of host publication	Machine Intelligence and Big Data Analytics for Cybersecurity Applications
Editors	Yassine Maleh, Mohammad Shojafar, Mamoun Alazab, Youssef Baddi
Place of Publication	Cham, Switzerland
Publisher	Springer Nature Switzerland AG
Pages	191-216
Number of pages	26
Edition	1
ISBN (Electronic)	978-3-030-57024-8
ISBN (Print)	978-3-030-57023-1
DOIs	https://doi.org/10.1007/978-3-030-57024-8_8
Publication status	Published - 2021

Publication series

Name	Studies in Computational Intelligence
Volume	919
ISSN (Print)	1860-949X
ISSN (Electronic)	1860-9503

Access to Document

10.1007/978-3-030-57024-8_8

Cite this

Russel, M. O. F. K., Rahman, S. S. M. M., & Alazab, M. (2021). AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware. In Y. Maleh, M. Shojafar, M. Alazab, & Y. Baddi (Eds.), Machine Intelligence and Big Data Analytics for Cybersecurity Applications (1 ed., pp. 191-216). (Studies in Computational Intelligence; Vol. 919). Springer Nature Switzerland AG. https://doi.org/10.1007/978-3-030-57024-8_8

Russel, Md Omar Faruque Khan ; Rahman, Sheikh Shah Mohammad Motiur ; Alazab, Mamoun. / AndroShow : A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware. Machine Intelligence and Big Data Analytics for Cybersecurity Applications. editor / Yassine Maleh ; Mohammad Shojafar ; Mamoun Alazab ; Youssef Baddi. 1. ed. Cham, Switzerland : Springer Nature Switzerland AG, 2021. pp. 191-216 (Studies in Computational Intelligence).

@inbook{80947ee88c6a41559f979d32e440f3be,

title = "AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware",

abstract = "This paper represents a static analysis based research of android{\textquoteright}s feature in obfuscated android malware. Android smartphone{\textquoteright}s security and privacy of personal information remain threatened because of android based device popularity. It has become a challenging and diverse area to research in information security. Though malware researchers can detect already identified malware, they can not detect many obfuscated malware. Because, malware attackers use different obfuscation techniques, as a result many anti malware engines can not detect obfuscated malware applications. Therefore, it is necessary to identify the obfuscated malware pattern made by attackers. A large-scale investigation has been performed in this paper by developing python scripts, named it AndroShow, to extract pattern of permission, app component, filtered intent, API call and system call from an obfuscated malware dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form have been found and stored in a Comma Separated Values (CSV) file which will be the base of detecting the obfuscated malware in future.",

keywords = "Android malware, Obfuscated malware, Obfuscated malware pattern, Obfuscated malware pattern identification",

author = "Russel, {Md Omar Faruque Khan} and Rahman, {Sheikh Shah Mohammad Motiur} and Mamoun Alazab",

year = "2021",

doi = "10.1007/978-3-030-57024-8_8",

language = "English",

isbn = "978-3-030-57023-1",

series = "Studies in Computational Intelligence",

publisher = "Springer Nature Switzerland AG",

pages = "191--216",

editor = "Yassine Maleh and Mohammad Shojafar and Mamoun Alazab and Youssef Baddi",

booktitle = "Machine Intelligence and Big Data Analytics for Cybersecurity Applications",

address = "Switzerland",

edition = "1",

}

Russel, MOFK, Rahman, SSMM & Alazab, M 2021, AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware. in Y Maleh, M Shojafar, M Alazab & Y Baddi (eds), Machine Intelligence and Big Data Analytics for Cybersecurity Applications. 1 edn, Studies in Computational Intelligence, vol. 919, Springer Nature Switzerland AG, Cham, Switzerland, pp. 191-216. https://doi.org/10.1007/978-3-030-57024-8_8

AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware. / Russel, Md Omar Faruque Khan; Rahman, Sheikh Shah Mohammad Motiur; Alazab, Mamoun.
Machine Intelligence and Big Data Analytics for Cybersecurity Applications. ed. / Yassine Maleh; Mohammad Shojafar; Mamoun Alazab; Youssef Baddi. 1. ed. Cham, Switzerland: Springer Nature Switzerland AG, 2021. p. 191-216 (Studies in Computational Intelligence; Vol. 919).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - AndroShow

T2 - A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware

AU - Russel, Md Omar Faruque Khan

AU - Rahman, Sheikh Shah Mohammad Motiur

AU - Alazab, Mamoun

PY - 2021

Y1 - 2021

N2 - This paper represents a static analysis based research of android’s feature in obfuscated android malware. Android smartphone’s security and privacy of personal information remain threatened because of android based device popularity. It has become a challenging and diverse area to research in information security. Though malware researchers can detect already identified malware, they can not detect many obfuscated malware. Because, malware attackers use different obfuscation techniques, as a result many anti malware engines can not detect obfuscated malware applications. Therefore, it is necessary to identify the obfuscated malware pattern made by attackers. A large-scale investigation has been performed in this paper by developing python scripts, named it AndroShow, to extract pattern of permission, app component, filtered intent, API call and system call from an obfuscated malware dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form have been found and stored in a Comma Separated Values (CSV) file which will be the base of detecting the obfuscated malware in future.

AB - This paper represents a static analysis based research of android’s feature in obfuscated android malware. Android smartphone’s security and privacy of personal information remain threatened because of android based device popularity. It has become a challenging and diverse area to research in information security. Though malware researchers can detect already identified malware, they can not detect many obfuscated malware. Because, malware attackers use different obfuscation techniques, as a result many anti malware engines can not detect obfuscated malware applications. Therefore, it is necessary to identify the obfuscated malware pattern made by attackers. A large-scale investigation has been performed in this paper by developing python scripts, named it AndroShow, to extract pattern of permission, app component, filtered intent, API call and system call from an obfuscated malware dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form have been found and stored in a Comma Separated Values (CSV) file which will be the base of detecting the obfuscated malware in future.

KW - Android malware

KW - Obfuscated malware

KW - Obfuscated malware pattern

KW - Obfuscated malware pattern identification

UR - http://www.scopus.com/inward/record.url?scp=85097866115&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-57024-8_8

DO - 10.1007/978-3-030-57024-8_8

M3 - Chapter

AN - SCOPUS:85097866115

SN - 978-3-030-57023-1

T3 - Studies in Computational Intelligence

SP - 191

EP - 216

BT - Machine Intelligence and Big Data Analytics for Cybersecurity Applications

A2 - Maleh, Yassine

A2 - Shojafar, Mohammad

A2 - Alazab, Mamoun

A2 - Baddi, Youssef

PB - Springer Nature Switzerland AG

CY - Cham, Switzerland

ER -

Russel MOFK, Rahman SSMM, Alazab M. AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware. In Maleh Y, Shojafar M, Alazab M, Baddi Y, editors, Machine Intelligence and Big Data Analytics for Cybersecurity Applications. 1 ed. Cham, Switzerland: Springer Nature Switzerland AG. 2021. p. 191-216. (Studies in Computational Intelligence). doi: 10.1007/978-3-030-57024-8_8

AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware

Abstract

Publication series

Access to Document

Other files and links

Fingerprint

Cite this