Our paper Mobile-Sandbox: Having a Deeper Look into Android Applications got accepted at SAC’13 and will be presented there at 18-22 March 2013.
Here is the abstract:
Smartphones in general and Android in particular are increasingly shifting into the focus of cybercriminals. For understanding the threat to security and privacy it is important for security researchers to analyze malicious software written for these systems. The exploding number of Android malware calls for automation in the analysis. In this paper, we present Mobile-Sandbox, a system designed to automatically analyze Android applications in two novel ways:
- it combines static and dynamic analysis, i.e., results of static analysis are used to guide dynamic analysis and extend coverage of executed code, and
- it uses specific techniques to log calls to native (i.e., “non-Java”) APIs.
For this paper we evaluated the system with more than 36,000 applications from Asian third-party mobile markets and found that 24% of them actually use native calls in their code.