Litcius/Paper detail

Malware detection using static analysis in Android: a review of FeCO (features, classification, and obfuscation)

Rosmalissa Jusoh, Ahmad Firdaus, Shahid Anwar, Mohd Zamri Osman, Mohd Faaizie Darmawan, Mohd Faizal Ab Razak

2021PeerJ Computer Science37 citationsDOIOpen Access PDF

Abstract

Android is a free open-source operating system (OS), which allows an in-depth understanding of its architecture. Therefore, many manufacturers are utilizing this OS to produce mobile devices (smartphones, smartwatch, and smart glasses) in different brands, including Google Pixel, Motorola, Samsung, and Sony. Notably, the employment of OS leads to a rapid increase in the number of Android users. However, unethical authors tend to develop malware in the devices for wealth, fame, or private purposes. Although practitioners conduct intrusion detection analyses, such as static analysis, there is an inadequate number of review articles discussing the research efforts on this type of analysis. Therefore, this study discusses the articles published from 2009 until 2019 and analyses the steps in the static analysis (reverse engineer, features, and classification) with taxonomy. Following that, the research issue in static analysis is also highlighted. Overall, this study serves as the guidance for novice security practitioners and expert researchers in the proposal of novel research to detect malware through static analysis.

Topics & Concepts

MalwareStatic analysisAndroid (operating system)Computer scienceObfuscationAndroid malwareComputer securityMobile deviceMalware analysisData scienceWorld Wide WebOperating systemProgramming languageAdvanced Malware Detection TechniquesNetwork Security and Intrusion DetectionSoftware Testing and Debugging Techniques