Matches in SemOpenAlex for { <https://semopenalex.org/work/W2296128045> ?p ?o ?g. }
Showing items 1 to 92 of
92
with 100 items per page.
- W2296128045 endingPage "381" @default.
- W2296128045 startingPage "359" @default.
- W2296128045 abstract "As the techniques for Android malware detection are progressing, malware also fights back through deploying advanced code encryption with the help of Android packers. An effective Android malware detection therefore must take the unpacking issue into consideration to prove the accuracy. Unfortunately, this issue is not easily addressed. Android packers often adopt multiple complex anti-analysis defenses and are evolving frequently. Current unpacking approaches are either based on manual efforts, which are slow and tedious, or based on coarse-grained memory dumping, which are susceptible to a variety of anti-monitoring defenses. This paper conducts a systematic study on existing Android malware which is packed. A thorough investigation on 37,688 Android malware samples is conducted to take statistics of how widespread are those samples protected by Android packers. The anti-analysis techniques of related commercial Android packers are also summarized. Then, we propose AppSpear, a generic and fine-grained system for automatically malware unpacking. Its core technique is a bytecode decrypting and Dalvik executable (DEX) reassembling method, which is able to recover any protected bytecode effectively without the knowledge of the packer. AppSpear directly instruments the Dalvik VM to collect the decrypted bytecode information from the Dalvik Data Struct (DDS), and performs the unpacking by conducting a refined reassembling process to create a new DEX file. The unpacked app is then available for being analyzed by common program analysis tools or malware detection systems. Our experimental evaluation shows that AppSpear could sanitize mainstream Android packers and help detect more malicious behaviors. To the best of our knowledge, AppSpear is the first automatic and generic unpacking system for current commercial Android packers." @default.
- W2296128045 created "2016-06-24" @default.
- W2296128045 creator A5000291486 @default.
- W2296128045 creator A5008204306 @default.
- W2296128045 creator A5014609439 @default.
- W2296128045 creator A5018284440 @default.
- W2296128045 creator A5020082816 @default.
- W2296128045 creator A5031286961 @default.
- W2296128045 creator A5078860408 @default.
- W2296128045 date "2015-01-01" @default.
- W2296128045 modified "2023-10-16" @default.
- W2296128045 title "AppSpear: Bytecode Decrypting and DEX Reassembling for Packed Android Malware" @default.
- W2296128045 cites W101604734 @default.
- W2296128045 cites W1508225132 @default.
- W2296128045 cites W165688198 @default.
- W2296128045 cites W1892063863 @default.
- W2296128045 cites W1990649188 @default.
- W2296128045 cites W2015790908 @default.
- W2296128045 cites W2041276426 @default.
- W2296128045 cites W2096921767 @default.
- W2296128045 cites W2122672392 @default.
- W2296128045 cites W2126734536 @default.
- W2296128045 cites W2158874007 @default.
- W2296128045 cites W2159702664 @default.
- W2296128045 cites W2159928814 @default.
- W2296128045 cites W2264131323 @default.
- W2296128045 doi "https://doi.org/10.1007/978-3-319-26362-5_17" @default.
- W2296128045 hasPublicationYear "2015" @default.
- W2296128045 type Work @default.
- W2296128045 sameAs 2296128045 @default.
- W2296128045 citedByCount "46" @default.
- W2296128045 countsByYear W22961280452016 @default.
- W2296128045 countsByYear W22961280452017 @default.
- W2296128045 countsByYear W22961280452018 @default.
- W2296128045 countsByYear W22961280452019 @default.
- W2296128045 countsByYear W22961280452020 @default.
- W2296128045 countsByYear W22961280452021 @default.
- W2296128045 countsByYear W22961280452022 @default.
- W2296128045 countsByYear W22961280452023 @default.
- W2296128045 crossrefType "book-chapter" @default.
- W2296128045 hasAuthorship W2296128045A5000291486 @default.
- W2296128045 hasAuthorship W2296128045A5008204306 @default.
- W2296128045 hasAuthorship W2296128045A5014609439 @default.
- W2296128045 hasAuthorship W2296128045A5018284440 @default.
- W2296128045 hasAuthorship W2296128045A5020082816 @default.
- W2296128045 hasAuthorship W2296128045A5031286961 @default.
- W2296128045 hasAuthorship W2296128045A5078860408 @default.
- W2296128045 hasConcept C111919701 @default.
- W2296128045 hasConcept C138885662 @default.
- W2296128045 hasConcept C160145156 @default.
- W2296128045 hasConcept C25344961 @default.
- W2296128045 hasConcept C2777256151 @default.
- W2296128045 hasConcept C2779395397 @default.
- W2296128045 hasConcept C2779818221 @default.
- W2296128045 hasConcept C2989133298 @default.
- W2296128045 hasConcept C38652104 @default.
- W2296128045 hasConcept C41008148 @default.
- W2296128045 hasConcept C41895202 @default.
- W2296128045 hasConcept C541664917 @default.
- W2296128045 hasConcept C557433098 @default.
- W2296128045 hasConceptScore W2296128045C111919701 @default.
- W2296128045 hasConceptScore W2296128045C138885662 @default.
- W2296128045 hasConceptScore W2296128045C160145156 @default.
- W2296128045 hasConceptScore W2296128045C25344961 @default.
- W2296128045 hasConceptScore W2296128045C2777256151 @default.
- W2296128045 hasConceptScore W2296128045C2779395397 @default.
- W2296128045 hasConceptScore W2296128045C2779818221 @default.
- W2296128045 hasConceptScore W2296128045C2989133298 @default.
- W2296128045 hasConceptScore W2296128045C38652104 @default.
- W2296128045 hasConceptScore W2296128045C41008148 @default.
- W2296128045 hasConceptScore W2296128045C41895202 @default.
- W2296128045 hasConceptScore W2296128045C541664917 @default.
- W2296128045 hasConceptScore W2296128045C557433098 @default.
- W2296128045 hasLocation W22961280451 @default.
- W2296128045 hasOpenAccess W2296128045 @default.
- W2296128045 hasPrimaryLocation W22961280451 @default.
- W2296128045 hasRelatedWork W1936837038 @default.
- W2296128045 hasRelatedWork W2617476279 @default.
- W2296128045 hasRelatedWork W2771873290 @default.
- W2296128045 hasRelatedWork W2793030797 @default.
- W2296128045 hasRelatedWork W2964899650 @default.
- W2296128045 hasRelatedWork W3022728237 @default.
- W2296128045 hasRelatedWork W3047771074 @default.
- W2296128045 hasRelatedWork W4290627698 @default.
- W2296128045 hasRelatedWork W4321612960 @default.
- W2296128045 hasRelatedWork W4385749679 @default.
- W2296128045 isParatext "false" @default.
- W2296128045 isRetracted "false" @default.
- W2296128045 magId "2296128045" @default.
- W2296128045 workType "book-chapter" @default.