Abstract—Android is the most popular smartphone operating
system with a market share of 80%, but as a consequence,
also the platform most targeted by malware. To deal with
the increasing number of malicious Android apps in the wild,
malware analysts typically rely on analysis tools to extract
characteristic information about an app in an automated fashion.
While the importance of such tools has been addressed by the
research community, the resulting prototypes remain limited in
terms of analysis capabilities and availability.
In this paper we present ANDRUBIS, a fully automated,
publicly available and comprehensive analysis system for
Android apps. ANDRUBIS combines static analysis with dynamic
analysis on both Dalvik VM and system level, as well as
several stimulation techniques to increase code coverage. With
ANDRUBIS, we collected a dataset of over 1,000,000 Android apps,
including 40% malicious apps. This dataset allows us to discuss
trends in malware behavior observed from apps dating back as
far as 2010, as well as to present insights gained from operating
ANDRUBIS as a publicly available service for the past two years.
more here....................http://iseclab.org/papers/andrubis_badgers14.pdf
system with a market share of 80%, but as a consequence,
also the platform most targeted by malware. To deal with
the increasing number of malicious Android apps in the wild,
malware analysts typically rely on analysis tools to extract
characteristic information about an app in an automated fashion.
While the importance of such tools has been addressed by the
research community, the resulting prototypes remain limited in
terms of analysis capabilities and availability.
In this paper we present ANDRUBIS, a fully automated,
publicly available and comprehensive analysis system for
Android apps. ANDRUBIS combines static analysis with dynamic
analysis on both Dalvik VM and system level, as well as
several stimulation techniques to increase code coverage. With
ANDRUBIS, we collected a dataset of over 1,000,000 Android apps,
including 40% malicious apps. This dataset allows us to discuss
trends in malware behavior observed from apps dating back as
far as 2010, as well as to present insights gained from operating
ANDRUBIS as a publicly available service for the past two years.
more here....................http://iseclab.org/papers/andrubis_badgers14.pdf