Sciweavers

ACSAC
2015
IEEE

BareDroid: Large-Scale Analysis of Android Apps on Real Devices

8 years 8 months ago
BareDroid: Large-Scale Analysis of Android Apps on Real Devices
To protect Android users, researchers have been analyzing unknown, potentially-malicious applications by using systems based on emulators, such as the Google’s Bouncer and Andrubis. Emulators are the go-to choice because of their convenience: they can scale horizontally over multiple hosts, and can be reverted to a known, clean state in a matter of seconds. Emulators, however, are fundamentally different from real devices, and previous research has shown how it is possible to automatically develop heuristics to identify an emulated environment, ranging from simple flag checks and unrealistic sensor input, to fingerprinting the hypervisor’s handling of basic blocks of instructions. Aware of this aspect, malware authors are starting to exploit this fundamental weakness to evade current detection systems. Unfortunately, analyzing apps directly on bare metal at scale has been so far unfeasible, because the time to restore a device to a clean snapshot is prohibitive: with the same b...
Simone Mutti, Yanick Fratantonio, Antonio Bianchi,
Added 13 Apr 2016
Updated 13 Apr 2016
Type Journal
Year 2015
Where ACSAC
Authors Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Dhilung Kirat, Christopher Kruegel, Giovanni Vigna
Comments (0)