Auditing Advanced Android Anti-Malware Tools against Sophisticated Evasion Techniques

Abstract

Mobile malware threats have become a real concern. Malware authors are coming up with smarter ways to build applications that can easily compromise confidentiality, integrity and availability of the user’s data and perform other illicit activities like identity theft, financial gains, cyber terrorism etc. The aim of this research work is to audit known antimalware solutions for their efficacy against sophisticated malware evasion techniques. Evaluation of the state-of-the-art commercial mobile anti-malware products for Android is necessary to test how resistant they are against various evasion techniques (even with known malware). Such an evaluation is important for not only measuring the available defense against mobile malware threats but also proposing effective, next-generation solutions. This research work highlights and compares, in detail, various sophisticated techniques employed by the hackers to evade malware detection, along with pros and cons of each technique. It also presents comparison of existing anti-malware tools and their efficacy against the discussed evasion techniques. Finally, using sophisticated anti-malware evasion technique developed for Android Operating System (OS) that uses exhaustive obfuscation to deceive static and dynamic detection respectively to audit known anti-malware solutions and making them more resilient and powerful.