A Hidden File Extraction Scheme Defeating Malware Using Android Dynamic Loading
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Yoon, H. | - |
dc.contributor.author | Shim, H. | - |
dc.contributor.author | Jung, S. | - |
dc.date.available | 2021-03-08T00:40:11Z | - |
dc.date.created | 2021-03-08 | - |
dc.date.issued | 2020-11 | - |
dc.identifier.issn | 1865-0929 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/40484 | - |
dc.description.abstract | Recently, malicious Android applications have become intelligent enough to bypass traditional static analysis. Among them, those using dynamic loading techniques hide malicious code by separating DEX files. These additional DEX files can be installed together at installation time in a different directory or downloaded from the command and control server. However, intelligent malware deletes the DEX files after execution to avoid analysis. Therefore, it is difficult to figure out some of the hidden behavior without extracting the files used for dynamic loading. In this paper, we propose an extraction algorithm to save the loaded or deleted DEX file using Xposed. After that, we verify whether the extracted DEX file is malicious by using the proposed technique. This method allows you to analyze additional actions performed by malware through analysis. As a result, it contributes to finding hidden features of the application. © 2020, Springer Nature Singapore Pte Ltd. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | Springer Science and Business Media Deutschland GmbH | - |
dc.relation.isPartOf | Communications in Computer and Information Science | - |
dc.title | A Hidden File Extraction Scheme Defeating Malware Using Android Dynamic Loading | - |
dc.type | Article | - |
dc.identifier.doi | 10.1007/978-981-15-9609-4_7 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | Communications in Computer and Information Science, v.1121, pp.85 - 98 | - |
dc.description.journalClass | 1 | - |
dc.identifier.scopusid | 2-s2.0-85096487856 | - |
dc.citation.endPage | 98 | - |
dc.citation.startPage | 85 | - |
dc.citation.title | Communications in Computer and Information Science | - |
dc.citation.volume | 1121 | - |
dc.contributor.affiliatedAuthor | Jung, S. | - |
dc.type.docType | Conference Paper | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | Android malware | - |
dc.subject.keywordAuthor | ClassLoader | - |
dc.subject.keywordAuthor | Dynamic loading | - |
dc.subject.keywordAuthor | Java reflection | - |
dc.subject.keywordAuthor | Multidex | - |
dc.subject.keywordPlus | Android (operating system) | - |
dc.subject.keywordPlus | Dynamic loads | - |
dc.subject.keywordPlus | Extraction | - |
dc.subject.keywordPlus | Malware | - |
dc.subject.keywordPlus | Mobile security | - |
dc.subject.keywordPlus | Static analysis | - |
dc.subject.keywordPlus | Command and control | - |
dc.subject.keywordPlus | Dynamic loadings | - |
dc.subject.keywordPlus | Extraction algorithms | - |
dc.subject.keywordPlus | Installation time | - |
dc.subject.keywordPlus | Malicious android applications | - |
dc.subject.keywordPlus | Malicious codes | - |
dc.subject.keywordPlus | Malwares | - |
dc.subject.keywordPlus | Loading | - |
dc.description.journalRegisteredClass | scopus | - |