CISPA
Browse

Detecting Call Indirection Obfuscation through Equivalence Checking in Android environment

Download (551.01 kB)
journal contribution
posted on 2024-04-11, 13:05 authored by Tiziano MarinaroTiziano Marinaro, Fabio Martinelli, Francesco Mercaldo, Antonella Santone
The detection mechanism provided by current antimalware is the so-called signature based, requiring that a threat must be widespread to be recognised by the antimalware. Even if a malware is rightly recognized, by applying even trivial obfuscation techniques, it is really easy to bypass the antimalware detection mechanism. In this paper we propose a method to detect if an Android application is obfuscated with the call indirection obfuscation techniques by exploiting formal equivalence checking. In the experimental analysis we show the effectiveness of the propose approach for call indirection obfuscation technique detection, by exploiting two obfuscation tools.

History

Primary Research Area

  • Trustworthy Information Processing

Journal

Procedia Computer Science

Volume

192

Page Range

1659-1669

Publisher

Elsevier

Open Access Type

  • Gold

Sub Type

  • Article

BibTeX

@article{Marinaro:Martinelli:Mercaldo:Santone:2021, title = "Detecting Call Indirection Obfuscation through Equivalence Checking in Android environment", author = "Marinaro, Tiziano" AND "Martinelli, Fabio" AND "Mercaldo, Francesco" AND "Santone, Antonella", year = 2021, month = 1, journal = "Procedia Computer Science", pages = "1659--1669", publisher = "Elsevier", issn = "1877-0509", doi = "10.1016/j.procs.2021.08.170" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC