Static and Dynamic Analysis of Android Malware and Goodware Written with Unity Framework

  title={Static and Dynamic Analysis of Android Malware and Goodware Written with Unity Framework},
  author={Jaewoo Shim and Kyeonghwan Lim and Seong-je Cho and Sangchul Han and Minkyu Park},
  journal={Secur. Commun. Networks},
Unity is the most popular cross-platform development framework to develop games for multiple platforms such as Android, iOS, and Windows Mobile. [] Key Method We first inspect the executable file format of a Unity app and present an effective static analysis technique of the Unity app. Then, we also propose a systematic technique to analyse dynamically the Unity app. Using the proposed techniques, the malware analyst can statically and dynamically analyse Java code, native code in C or C

Forensic Requirements Specification for Mobile Device Malware Forensic Models

A set of requirements that should be met by forensic models meant to be used in investigating security incidents involving mobile device malware, designed as solutions for the limitations associated with existing conventional digital and malware forensic models are proposed.

Malware Classification of Portable Executables using Tree-Based Ensemble Machine Learning

  • V. Atluri
  • Computer Science
    2019 SoutheastCon
  • 2019
Six different Tree-based ensemble machine learning techniques that can identify malware among windows portable executable (PE) files and the features of importance in the identification of malware are studied.

An Improved Permission Management Scheme of Android Application Based on Machine Learning

A dynamic management scheme of Android permission based on machine learning is proposed to solve the problem of the existing permission mechanism and increases the flexibility of permission management and improves the security and reliability of multimedia data in Android devices.




This paper will research the feasibility of new cross-platform mobile malware, analyse the package structures of such malware, discuss the technical issues and suggest a solution to the problem.

Security Assessment of Code Obfuscation Based on Dynamic Monitoring in Android Things

This paper proposes a scheme that can quantitatively evaluate the level of hiding of APIs, which represent the function of the Android application based on machine learning theory, and believes it can be used as a model for obfuscation assessment schemes, without relying on specific obfuscation tools.

Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation

A new form of code injection attack is found, which inherits the fundamental cause of Cross-Site Scripting attack~(XSS), but it uses many more channels to inject code than XSS.

Smartphone security evaluation The malware attack case

It is proven that, under circumstances, all smartphone platforms could be used by average developers as privacy attack vectors, harvesting data from the device without the users knowledge and consent.

Testing Cross-Platform Mobile App Development Frameworks

This paper builds a prototype testing tool, called X-Checker, and applies it to test Xamarin, a popular framework that allows Windows Phone apps to be cross-compiled into native Android (and iOS) apps.

Comprehensive Analysis of Innovative Cross-Platform App Development Frameworks

This paper takes a closer look at three crossplatform frameworks, namely React Native, the Ionic Framework, and Fuse, and suggests that there is no clear winner.

On the Feasibility of Malware Attacks in Smartphone Platforms

It is proved that, under certain circumstances, all examined platforms could be used by average developers as privacy attack vector, harvesting data from the device without the users knowledge and consent.

Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS

The research shows that most Android-side harmful behaviors have been preserved on their corresponding iOS libraries, and further identifies new evidence about libraries repackaging for harmful code propagations on both sides.

A New Android Malware Detection Approach Using Bayesian Classification

This paper presents an effective approach to alleviate the problem of Android app marketplaces at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users based on Bayesian classification models obtained from static code analysis.

Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications

This work proposes a service which is able to assess Android Market applications via static analysis and provide detailed, but readable reports to the user, and describes a means to mitigate security and privacy threats by automated reverse-engineering and refactoring binary application packages according to the users' security preferences.