DWroidDump: Executable Code Extraction from Android Applications for Malware Analysis
Author(s) -
Dongwoo Kim,
Jin Kwak,
JaeCheol Ryou
Publication year - 2015
Publication title -
International Journal of Distributed Sensor Networks
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.324
H-Index - 53
eISSN - 1550-1477
pISSN - 1550-1329
DOI - 10.1155/2015/379682
Subject(s) - computer science, executable, android (operating system), malware, static analysis, operating system, malware analysis, machine code, virtual machine, bytecode, android malware, embedded system, programming language, compiler
We suggest an idea to dump executable code from memory for malicious application analysis on the Android platform. Malicious applications are becoming more advanced in terms of anti-analysis techniques. Recently, sophisticated malicious applications have been found which cannot be decompiled or debugged by existing analysis tools. This is a serious threat to services related to Android-based embedded devices. Thus, we have implemented the idea to obtain the main code from memory by modifying part of Android's Dalvik Virtual Machine. As a result, we have confirmed that the executable code is completely obtainable. In this paper, we introduce the existing analysis techniques for Android applications and the anti-analysis techniques. We then describe the proposed method with a sample malicious application which has strong anti-analysis techniques.
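Once the Dalvik VM has been instrumented to write the in-memory DEX image to a file, the first thing an analyst wants to know is whether the dump is a complete, self-consistent DEX file rather than a truncated or partially overwritten region. The following Python is an added example and not code from the paper or its authors: it reconstructs a minimal DEX image (a constructed sample with an empty data section, no real bytecode) and checks a dumped buffer against the header fields the DEX format defines, namely the magic, header_size, endian_tag, file_size, the Adler-32 checksum over everything after the checksum field, and the SHA-1 signature over everything after the signature field. The function and constant names are the example's own.

```python
import hashlib
import struct
import zlib

# DEX header is 0x70 bytes; offsets below follow the DEX file format.
DEX_HEADER_SIZE = 0x70
DEX_MAGICS = {b"dex\n035\0", b"dex\n036\0", b"dex\n037\0", b"dex\n038\0", b"dex\n039\0"}
ENDIAN_CONSTANT = 0x12345678


def build_sample_dex(payload: bytes = b"\x00" * 64) -> bytes:
    """Build a minimal, self-consistent DEX image.

    Constructed sample for the example: the data section is an opaque blob and
    every table (strings, types, protos, fields, methods, class_defs) is empty,
    but checksum, signature and sizes are computed exactly as in a real file.
    """
    total = DEX_HEADER_SIZE + len(payload)
    # Fields after the signature (offset 0x20): file_size, header_size, endian_tag,
    # link_size, link_off, map_off, six (size, off) pairs, data_size, data_off.
    tail = struct.pack("<3I", total, DEX_HEADER_SIZE, ENDIAN_CONSTANT)
    tail += struct.pack("<3I", 0, 0, 0)                 # link_size, link_off, map_off
    tail += struct.pack("<12I", *([0] * 12))            # string..class_defs size/off pairs
    tail += struct.pack("<2I", len(payload), DEX_HEADER_SIZE)  # data_size, data_off
    assert len(tail) == DEX_HEADER_SIZE - 0x20
    body = tail + payload
    signature = hashlib.sha1(body).digest()             # SHA-1 of everything after signature
    checksum = zlib.adler32(signature + body) & 0xFFFFFFFF  # Adler-32 of everything after checksum
    return b"dex\n035\0" + struct.pack("<I", checksum) + signature + body


def check_dex_dump(data: bytes) -> dict:
    """Run the individual header checks on a dumped buffer.

    Returns one flag per check so a failing dump can be diagnosed (e.g. good
    magic but wrong file_size usually means the dump stopped early).
    """
    result = {"magic": False, "header_size": False, "endian": False,
              "file_size": False, "checksum": False, "signature": False}
    if len(data) < DEX_HEADER_SIZE:
        return result
    result["magic"] = data[:8] in DEX_MAGICS
    (checksum,) = struct.unpack_from("<I", data, 0x08)
    signature = data[0x0C:0x20]
    file_size, header_size, endian_tag = struct.unpack_from("<3I", data, 0x20)
    result["header_size"] = header_size == DEX_HEADER_SIZE
    result["endian"] = endian_tag == ENDIAN_CONSTANT
    result["file_size"] = file_size == len(data)
    if result["file_size"]:
        # Only meaningful on a full-length image; both cover the rest of the file.
        result["checksum"] = (zlib.adler32(data[0x0C:]) & 0xFFFFFFFF) == checksum
        result["signature"] = hashlib.sha1(data[0x20:]).digest() == signature
    return result


def is_complete_dex(data: bytes) -> bool:
    """True only if every header check passes."""
    return all(check_dex_dump(data).values())


if __name__ == "__main__":
    sample = build_sample_dex()
    print("intact dump   :", check_dex_dump(sample))
    print("truncated dump:", check_dex_dump(sample[:-10]))
    damaged = bytearray(sample)
    damaged[-1] ^= 0xFF
    print("damaged dump  :", check_dex_dump(bytes(damaged)))
```

One caveat a practitioner should keep in mind: an image dumped after the runtime has optimized or patched it in memory may fail the checksum and signature checks even though every byte was recovered, so a mismatch says "modified or partial" rather than "incomplete" by itself; the magic, header_size, endian_tag and file_size checks are the ones that most directly answer whether the dump boundaries were right.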
Publisher address - John Eccles House, Robert Robinson Avenue, Oxford Science Park, Oxford OX4 4GP, United Kingdom