Proposal / Submission Type
Peer Reviewed Paper
Location
Daytona Beach, Florida
Start Date
25-5-2016 10:30 AM
Abstract
exploit smartphone operating systems has exponentially expanded. Android has become the main target to exploit due to having the largest install base amongst the smartphone operating systems and owing to the open access nature in which application installations are permitted. Many Android users are unaware of the risks associated with a malware infection and to what level current malware scanners protect them. This paper tests how efficient the currently available malware scanners are. To achieve this, ten representative Android security products were selected and tested against a set of 5,560 known and categorized Android malware samples. The tests were carried out using a digital-forensically rigorous testing framework and methodology, which ensures the scientific validity of the results. The detection rates of the tested malware scanners varied widely with half unable to detect any samples at all during initial testing. The malware scanners that were able to detect the samples scored highly with the top four between 97-99% and a fifth scanner scoring 87%. The results emphasise the need for more complex detection mechanisms and protections in future versions of Android and the next generation of malware scanners.
Keywords: malware, mobile forensics, Android
Scholarly Commons Citation
Hintea, Diana; Bird, Robert; and Walker, Andrew, "Malware in the Mobile Device Android Environment" (2016). Annual ADFSL Conference on Digital Forensics, Security and Law. 6.
https://commons.erau.edu/adfsl/2016/wednesday/6
Included in
Aviation Safety and Security Commons, Computer Law Commons, Defense and Security Studies Commons, Forensic Science and Technology Commons, Information Security Commons, National Security Law Commons, OS and Networks Commons, Other Computer Sciences Commons, Social Control, Law, Crime, and Deviance Commons
Malware in the Mobile Device Android Environment
Daytona Beach, Florida
exploit smartphone operating systems has exponentially expanded. Android has become the main target to exploit due to having the largest install base amongst the smartphone operating systems and owing to the open access nature in which application installations are permitted. Many Android users are unaware of the risks associated with a malware infection and to what level current malware scanners protect them. This paper tests how efficient the currently available malware scanners are. To achieve this, ten representative Android security products were selected and tested against a set of 5,560 known and categorized Android malware samples. The tests were carried out using a digital-forensically rigorous testing framework and methodology, which ensures the scientific validity of the results. The detection rates of the tested malware scanners varied widely with half unable to detect any samples at all during initial testing. The malware scanners that were able to detect the samples scored highly with the top four between 97-99% and a fifth scanner scoring 87%. The results emphasise the need for more complex detection mechanisms and protections in future versions of Android and the next generation of malware scanners.
Keywords: malware, mobile forensics, Android
