Open AccessAnalysis of dynamic code updating in Android with security perspective
Author(s) -
Aysan Ahmet I.,
Sakiz Fatih,
Sen Sevil
Publication year - 2019
Publication title -
iet information security
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.308
H-Index - 34
eISSN - 1751-8717
pISSN - 1751-8709
DOI - 10.1049/iet-ifs.2018.5316
Subject(s) - exploit , computer science , static analysis , malware , android (operating system) , computer security , android malware , taint checking , permission , security analysis , security bug , application security , cryptovirology , malware analysis , software security assurance , information security , operating system , security service , software , programming language , political science , law
Attackers have been searching for security vulnerabilities to exploit in Android applications. Such security vulnerabilities include Android applications that could load code at runtime which helps attackers avoid detection by static analysis tools. In this study, an extensive analysis is conducted in order to see how attackers employ updating techniques to exploit such vulnerabilities and to assess the security risks of applications in the marketplace using these techniques. A comprehensive analysis was carried out on nearly 30,000 applications collected from three different Android markets and two malware datasets. Static, dynamic and permission‐based analyses were employed in order to monitor malicious activities in such applications, and new malicious applications using updating techniques were discovered in Google Play. The results show that applications employing code updating techniques are on the rise. It is believed that this is the first study of its kind to monitor updating behaviours of applications during their execution. This analysis allows us to deeply analyse suspicious applications and thereby develop better security solutions.