Catch Me If You Can- Evaluating Android Anti-Malware Against Transformation Attacks
Download as PPTX, PDF1 like1,692 views
The document evaluates the effectiveness of commercial anti-malware products for Android against transformation attacks, finding that none of the tested applications effectively resist common obfuscation techniques. A systematic framework called 'droidchameleon' was developed to assess the malware detection capabilities of various tools, revealing that many can be easily bypassed with minor alterations to known threats. The findings suggest a need for improved strategies in anti-malware software development to enhance mobile security.
Catch Me If You Can- Evaluating Android Anti-Malware Against Transformation Attacks
- 1. CATCH ME IF YOU CAN: EVALUATING ANDROID ANTI-MALWARE AGAINST TRANSFORMATION ATTACKS PRESENTED BY: LANSA INFORMATICS PVT LTD
- 2. ABSTRACT: • Mobile malware threats (e.g., on Android) have recently become a real concern. In this paper, we evaluate the state-of-the-art commercial mobile anti-malware products for Android and test how resistant they are against various common obfuscation techniques (even with known malware). • Such an evaluation is important for not only measuring the available defense against mobile malware threats, but also proposing effective, next generation solutions. • We developed DroidChameleon, a systematic framework with various transformation techniques, and used it for our study.
- 3. • Our results on 10 popular commercial anti-malware applications for Android are worrisome: none of these tools is resistant against common malware transformation techniques. • In addition, a majority of them can be trivially defeated by applying slight transformation over known malware with little effort for malware authors. • Finally, in light of our results, we propose possible remedies for improving the current state of malware detection on mobile devices.
- 4. EXISTING SYSTEM: • Mobile computing devices such as smartphones and tablets are becoming increasingly popular. • Unfortunately, this popularity attracts malware authors too. In reality, mobile malware has already become a serious concern. • It has been reported that on Android, one of the most popular smartphone platforms, malware has constantly been on the rise and the platform is seen as “clearly today’s target”. • With the growth of malware, the platform has also seen an evolution of anti-malware tools, with a range of free and paid offerings now available in the official Android app market, Google Play.
- 5. • Polymorphic attacks have long been a plague for traditional desktop and server systems. While there exist earlier studies the effectiveness of anti-malware tools on PCs, our domain of study • is different in that we exclusively focus on mobile devices like smartphones, which require different ways for anti-malware design. • Also, malware on mobile devices have recently escalated their evolution but the capabilities of existing anti-malware tools are largely not yet understood.
- 6. DISADVANTAGES OF EXISTING SYSTEM: Some of the applications even claim resistance against malware transformations. It will detect only specific malwares. It allows application to access and modify all the information.
- 7. PROBLEM STATEMENT: We aim to evaluate the efficacy of anti-malware tools on Android in the face of various evasion techniques SCOPE: Findings show that some antimalware tools have tried to strengthen their signatures with a trend towards content-based signatures while previously they were evaded by trivial transformations not involving code-level changes. The improved signatures are however still shown to be easily evaded.
- 8. PROPOSED SYSTEM: To evaluate existing anti-malware software, we develop a systematic framework called DroidChameleon with several common transformation techniques that may be used to transform Android applications automatically. Some of these transformations are highly specific to the Android platform only. Based on the framework, we pass known malware samples (from different families) through these transformations to generate new variants of malware, which are verified to possess the originals’ malicious functionality. We use these variants to evaluate the effectiveness and robustness of popular anti-malware tools. Based on our evaluation results, we also explore possible ways to improve current anti-malware solutions. Specifically, we point out that Android eases developing advanced detection techniques because much code is high-level bytecodes rather than native codes. Furthermore, certain platformsupport can be enlisted to cope with advanced transformations.
- 9. ADVANTAGES OF PROPOSED SYSTEM: It provides solutions for all types of malware available. It block the application to access the information. Resist to all types of transformations available to harm the system.
- 10. SYSTEM CONFIGURATION:- HARDWARE REQUIREMENTS:- Processor - Pentium –IV Speed - 1.1 Ghz RAM - 512 MB(min) Hard Disk - 40 GB Key Board - Standard Windows Keyboard Mouse - Two or Three Button Mouse Monitor - LCD/LED
- 11. SYSTEM CONFIGURATION:- SOFTWARE REQUIREMENTS:- Operating system : Windows XP. Coding Language : Android Data Base : SQLite Tool : Eclipse.
- 12. REFERENCE: Vaibhav Rastogi, Yan Chen, and Xuxian Jiang “Catch Me If You Can: Evaluating Android Anti-Malware Against Transformation Attacks ” IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 9, NO. 1, JANUARY 2014
- 13. OFFICE ADDRESS: LansA Informatics Pvt ltd No 165, 5th Street, Crosscut Road, Gandhipuram, Coimbatore - 641 015 OTHER MODE OF CONTACT: Landline: 0422 – 4204373 Mobile : +91 90 953 953 33 +91 91 591 159 69 Email ID: lansa.projects@gmail.com web: www.lansainformatics.com Blog: www.lansastudentscdc.blogspot.co m Facebook: www.facebook.com/lansainformati cs Twitter: www.twitter.com/lansainformatic CONTACT US