Dynalog: an automated dynamic analysis framework for characterizing android applications

Mohammed K. Alzaylaee, Suleiman Y. Yerima, Sakir Sezer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)
432 Downloads (Pure)

Abstract

Android is becoming ubiquitous and currently has the largest share of the mobile OS market with billions of application downloads from the official app market. It has also become the platform most targeted by mobile malware that are becoming more sophisticated to evade state-of-the-art detection approaches. Many Android malware families employ obfuscation techniques in order to avoid detection and this may defeat static analysis based approaches. Dynamic analysis on the other hand may be used to overcome this limitation. Hence in this paper we propose DynaLog, a dynamic analysis based framework for characterizing Android applications. The framework provides the capability to analyse the behaviour of applications based on an extensive number of dynamic features. It provides an automated platform for mass analysis and characterization of apps that is useful for quickly identifying and isolating malicious applications. The DynaLog framework leverages existing open source tools to extract and log high level behaviours, API calls, and critical events that can be used to explore the characteristics of an application, thus providing an extensible dynamic analysis platform for detecting Android malware. DynaLog is evaluated using real malware samples and clean applications demonstrating its capabilities for effective analysis and detection of malicious applications.
Original languageEnglish
Title of host publication Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)
Publisher IEEE
Number of pages8
ISBN (Electronic) 978-1-5090-0709-7
DOIs
Publication statusPublished - 11 Jul 2016
Event2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) - London, United Kingdom
Duration: 13 Jun 201614 Jun 2016
http://www.c-mric.com/cs-2016

Conference

Conference2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)
CountryUnited Kingdom
CityLondon
Period13/06/201614/06/2016
Internet address

Keywords

  • malware detection
  • dynamic analysis
  • Android
  • application security
  • malware analysis

Fingerprint Dive into the research topics of 'Dynalog: an automated dynamic analysis framework for characterizing android applications'. Together they form a unique fingerprint.

  • Cite this

    Alzaylaee, M. K., Yerima, S. Y., & Sezer, S. (2016). Dynalog: an automated dynamic analysis framework for characterizing android applications. In Proceedings of the 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) IEEE . https://doi.org/10.1109/CyberSecPODS.2016.7502337