1-s2.0-S1877050921016653-main.pdf (551.01 kB)
Detecting Call Indirection Obfuscation through Equivalence Checking in Android environment
journal contribution
posted on 2024-04-11, 13:05 authored by Tiziano MarinaroTiziano Marinaro, Fabio Martinelli, Francesco Mercaldo, Antonella SantoneThe detection mechanism provided by current antimalware is the so-called signature based, requiring that a threat must be widespread to be recognised by the antimalware. Even if a malware is rightly recognized, by applying even trivial obfuscation techniques, it is really easy to bypass the antimalware detection mechanism. In this paper we propose a method to detect if an Android application is obfuscated with the call indirection obfuscation techniques by exploiting formal equivalence checking. In the experimental analysis we show the effectiveness of the propose approach for call indirection obfuscation technique detection, by exploiting two obfuscation tools.
History
Primary Research Area
- Trustworthy Information Processing
Journal
Procedia Computer ScienceVolume
192Page Range
1659-1669Publisher
ElsevierOpen Access Type
- Gold
Sub Type
- Article
BibTeX
@article{Marinaro:Martinelli:Mercaldo:Santone:2021, title = "Detecting Call Indirection Obfuscation through Equivalence Checking in Android environment", author = "Marinaro, Tiziano" AND "Martinelli, Fabio" AND "Mercaldo, Francesco" AND "Santone, Antonella", year = 2021, month = 1, journal = "Procedia Computer Science", pages = "1659--1669", publisher = "Elsevier", issn = "1877-0509", doi = "10.1016/j.procs.2021.08.170" }Usage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC