On the Effectiveness of Malware Protection on Android an Evaluation of Android Antivirus Apps
نویسندگان
چکیده
Android is currently the most popular smartphone operating system. However, users feel their private information at threat, facing a rapidly increasing number of malware for Android which significantly exceeds that of other platforms. Antivirus software promises to effectively protect against malware on mobile devices and many products are available for free or at reasonable prices. Their effectiveness is supported by various reports, attesting very high detection rates. However, a more detailed investigation is required in order to understand the real risk level arising from malware for the Android platform. Neither do the exceedingly high numbers of different malware variants reflect the real threat in comparison to other platforms, nor do the results of testing antivirus software against a set of already known malware samples (retrospective tests) provide a clear picture of the capabilities and limitations of antivirus software on the Android platform. The primary objective of this report is thus to help corporate and private users to assess the real risk level imposed by Android malware on the one hand, and the protection level offered by antivirus software on the other hand. For this purpose, we discuss how malware spreads and which limitations antivirus apps are subject to. We then evaluate how well Android antivirus software performs under realworld conditions, as opposed to retrospective detection rate tests. Based on our findings, we give recommendations for private and corporate users and sketch possible future solutions to overcome some of the current issues of antivirus software. For this report, we conducted various tests on several antivirus apps for Android. As we aim to reflect real-world threats better than retrospective tests, in which antivirus software is tested for recognizing known malware samples, our test setup considers the ability to cope with typical malware distribution channels, infection routines, and privilege escalation techniques. We found that it is easy for malware to evade detection by most antivirus apps with only trivial alterations to their package files. In order to test different malware detection techniques, we also used a newly developed proof of concept malware. This proof of concept malware demonstrates advanced functionality which is not present in most of today’s Android malware, and is intended to determine how Android antivirus software will deal with unknown and upcoming malware. Fraunhofer AISEC On the Effectiveness of Malware Protection on Android 2
منابع مشابه
DroidDetector: Android Malware Characterization and Detection Using Deep Learning
Smartphones and mobile tablets are rapidly becoming indispensable in daily life. Android has been the most popular mobile operating system since 2012. However, owing to the open nature of Android, countless malwares are hidden in a large number of benign apps in Android markets that seriously threaten Android security. Deep learning is a new area of machine learning research that has gained inc...
متن کاملA Large-Scale Empirical Study on the Effects of Code Obfuscations on Android Apps and Anti-Malware Products
The Android platform has been the dominant mobile platform in recent years resulting inmillions of apps and security threats against those apps. Anti-malware products aim to protect smartphone users from these threats, especially frommalicious apps. However, malware authors use code obfuscation on their apps to evade detection by anti-malware products. To assess the effects of code obfuscation ...
متن کاملAn Assess Android Antimalware that Detects Malicious Dynamic Code in Apps
-Android is currently the most popular operating system and a considerable number of Smartphone’s, tablet computers ship with Android. However, users feel their private information at threat, facing a rapidly increasing number of malware for Android which significantly exceeds that of other platforms. Antimalware’s software promises to effectively protect against malware on Smartphone’s and man...
متن کاملHigh accuracy android malware detection using ensemble learning
With over 50 billion downloads and more than 1.3 million apps in Google’s official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detect...
متن کاملProtection Apps for Android – Feb. 2013
At present, over 15 million smartphones in Germany use Android as an operating system. This number does not even include the additional millions of Android tablets that are currently in use. Surveys have shown that every Android device uses at least 20 other apps. Despite this fact, not one of the top 20 most popular smartphone apps is an antivirus app, which is completely incomprehensible give...
متن کامل