Open Access iconOpen Access

ARTICLE

crossmark

Deobfuscating Mobile Malware for Identifying Concealed Behaviors

by Dongho Lee, Geochang Jeon, Sunjun Lee, Haehyun Cho*

Soongsil University, Seoul, 06978, Korea

* Corresponding Author: Haehyun Cho. Email: email

Computers, Materials & Continua 2022, 72(3), 5909-5923. https://doi.org/10.32604/cmc.2022.026395

Abstract

The smart phone market is continuously increasing and there are more than 6 billion of smart phone users worldwide with the aid of the 5G technology. Among them Android occupies 87% of the market share. Naturally, the widespread Android smartphones has drawn the attention of the attackers who implement and spread malware. Consequently, currently the number of malware targeting Android mobile phones is ever increasing. Therefore, it is a critical task to find and detect malicious behaviors of malware in a timely manner. However, unfortunately, attackers use a variety of obfuscation techniques for malware to evade or delay detection. When an obfuscation technique such as the class encryption is applied to a malicious application, we cannot obtain any information through a static analysis regarding its malicious behaviors. Hence, we need to rely on the manual, dynamic analysis to find concealed malicious behaviors from obfuscated malware. To avoid malware spreading out in larger scale, we need an automated deobfuscation approach that accurately deobfuscates obfuscated malware so that we can reveal hidden malicious behaviors. In this study, we introduce widely-used obfuscation techniques and propose an effective deobfuscation method, named ARBDroid, for automatically deobfuscating the string encryption, class encryption, and API hiding techniques. Our evaluation results clearly demonstrate that our approach can deobfuscate obfuscated applications based on dynamic analysis results.

Keywords


Cite This Article

APA Style
Lee, D., Jeon, G., Lee, S., Cho, H. (2022). Deobfuscating mobile malware for identifying concealed behaviors. Computers, Materials & Continua, 72(3), 5909-5923. https://doi.org/10.32604/cmc.2022.026395
Vancouver Style
Lee D, Jeon G, Lee S, Cho H. Deobfuscating mobile malware for identifying concealed behaviors. Comput Mater Contin. 2022;72(3):5909-5923 https://doi.org/10.32604/cmc.2022.026395
IEEE Style
D. Lee, G. Jeon, S. Lee, and H. Cho, “Deobfuscating Mobile Malware for Identifying Concealed Behaviors,” Comput. Mater. Contin., vol. 72, no. 3, pp. 5909-5923, 2022. https://doi.org/10.32604/cmc.2022.026395



cc Copyright © 2022 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1473

    View

  • 1089

    Download

  • 1

    Like

Share Link