Open AccessMalware detection using static analysis in Android: a review of FeCO (features, classification, and obfuscation)
Author(s) -
Rosmalissa Jusoh,
Ahmad Firdaus,
Shahid Anwar,
Mohd Zamri Osman,
Mohd Faaizie Darmawan,
Mohd Faizal Ab Razak
Publication year - 2021
Publication title -
peerj. computer science
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.806
H-Index - 24
ISSN - 2376-5992
DOI - 10.7717/peerj-cs.522
Subject(s) - malware , static analysis , android (operating system) , computer science , obfuscation , android malware , computer security , mobile device , malware analysis , data science , world wide web , operating system , programming language
Android is a free open-source operating system (OS), which allows an in-depth understanding of its architecture. Therefore, many manufacturers are utilizing this OS to produce mobile devices (smartphones, smartwatch, and smart glasses) in different brands, including Google Pixel, Motorola, Samsung, and Sony. Notably, the employment of OS leads to a rapid increase in the number of Android users. However, unethical authors tend to develop malware in the devices for wealth, fame, or private purposes. Although practitioners conduct intrusion detection analyses, such as static analysis, there is an inadequate number of review articles discussing the research efforts on this type of analysis. Therefore, this study discusses the articles published from 2009 until 2019 and analyses the steps in the static analysis (reverse engineer, features, and classification) with taxonomy. Following that, the research issue in static analysis is also highlighted. Overall, this study serves as the guidance for novice security practitioners and expert researchers in the proposal of novel research to detect malware through static analysis.