Using Implicit Calls to Improve Malware Dynamic Execution

Abstract: The amount of Android malware has been increasing for the last 5 years. This malware increasingly uses evasion techniques to hide its malicious intent and avoid analysis tools. In this work, we focus on triggering the most suspicious parts of the code in malicious applications so that their behavior can be monitored with dynamic analysis tools, giving a better understanding of their activities. To do this, a global control flow graph (CFG) is used to exhibit an execution path that reaches specific parts of the code. Here we explain why using only explicit interprocedural calls may lead to a partially built CFG. In this poster, we explain that concept and propose a solution that improves malicious code reachability by integrating implicit calls.
Document type: Poster communications

https://hal.archives-ouvertes.fr/hal-01304326
Contributor: Jean-François Lalande
Submitted on: Thursday, May 19, 2016 - 9:56:46 AM
Last modification on: Thursday, February 7, 2019 - 4:33:20 PM

File

poster_origin.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01304326, version 1

Citation

Mourad Leslous, Jean-François Lalande, Valérie Viet Triem Tong. Using Implicit Calls to Improve Malware Dynamic Execution. 37th IEEE Symposium on Security and Privacy, May 2016, San Jose, United States. ⟨hal-01304326⟩
