Need help with AndroidMalwareEvaluatingTools?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

faber03
209 Stars 130 Forks Apache License 2.0 58 Commits 1 Opened issues

Description

Evaluation tools for malware Android

Services available

!
?

Need anything else?

Contributors list

No Data

Software and Network Security - A.Y. 2014-2015
Department of Engineering, University of Sannio, Benevento, Italy

Supervisors:
Prof. Corrado Aaron Visaggio, email: [email protected], web: http://www.aaronvisaggio.it/
Francesco Mercaldo, email: [email protected]
Developers:
Agostino De Lucia, email: [email protected]
Raffaele Esposito, email:
Michele Meninno, email: [email protected]
Pasquale Battista, email: [email protected]

Android Malware Evaluating Tools

In order to accomplish a deep antimalwares' detection algorithms analysis, we developed two different tools, both coded in Java.

The first tool, named Alan, through a simple UI, provides the application of eight different smali code transformations
(detailed informations about these transformations can be found into the paper attached with the project).
This tool contains other two free tools (signapk, apktool) used to decompile and recompile an android
application, providing almost original resources of the application.
The tool works on smali code, a human readable dalvik bytecode.
The aim of these transformations is hiding a malicious behaviour of an application from static malware scanning techniques. A transformed application can be submitted on the website VirusTotal where it can be analyzed by 57 well-known (free and paid) anti-malwares.

In order to work on a large malaware data-set, we developed a second tool, composed basically of code enabling an automatic upload of the android applications on virus-total, using his specific java API, storing result analysis on a relational database (we provide the schema in the project).
This tool provides a simple UI to select among several queries, presenting results on html files
Everything is well-documented and ready to be improved for future works.

If you are interested in the results of the study we've carried out analyzing how 57 antimalwares
from VirusTotal perform against 5600 malwares, before and after the application of
obfuscating transformations, you can contact us.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.