Static and Dynamic Analysis of Android Malware and Goodware Written with Unity Framework

  title={Static and Dynamic Analysis of Android Malware and Goodware Written with Unity Framework},
  author={Jaewoo Shim and Kyeonghwan Lim and Seong-je Cho and Sangchul Han and Minkyu Park},
  journal={Secur. Commun. Networks},
Unity is the most popular cross-platform development framework to develop games for multiple platforms such as Android, iOS, and Windows Mobile. [...] Key Method We first inspect the executable file format of a Unity app and present an effective static analysis technique of the Unity app. Then, we also propose a systematic technique to analyse dynamically the Unity app. Using the proposed techniques, the malware analyst can statically and dynamically analyse Java code, native code in C or CExpand
Forensic Requirements Specification for Mobile Device Malware Forensic Models
A set of requirements that should be met by forensic models meant to be used in investigating security incidents involving mobile device malware, designed as solutions for the limitations associated with existing conventional digital and malware forensic models are proposed. Expand
Malware Classification of Portable Executables using Tree-Based Ensemble Machine Learning
  • V. Atluri
  • Computer Science
  • 2019 SoutheastCon
  • 2019
Six different Tree-based ensemble machine learning techniques that can identify malware among windows portable executable (PE) files and the features of importance in the identification of malware are studied. Expand
An Improved Permission Management Scheme of Android Application Based on Machine Learning
A dynamic management scheme of Android permission based on machine learning is proposed to solve the problem of the existing permission mechanism and increases the flexibility of permission management and improves the security and reliability of multimedia data in Android devices. Expand


Every day, thousands of new mobile apps are published on mobile app stores including Google Play and iOS App Store. While many of them are native apps, others are cross-platform mobile apps orExpand
Security Assessment of Code Obfuscation Based on Dynamic Monitoring in Android Things
This paper proposes a scheme that can quantitatively evaluate the level of hiding of APIs, which represent the function of the Android application based on machine learning theory, and believes it can be used as a model for obfuscation assessment schemes, without relying on specific obfuscation tools. Expand
Code Injection Attacks on HTML5-based Mobile Apps: Characterization, Detection and Mitigation
A new form of code injection attack is found, which inherits the fundamental cause of Cross-Site Scripting attack~(XSS), but it uses many more channels to inject code than XSS. Expand
Smartphone security evaluation The malware attack case
It is proven that, under circumstances, all smartphone platforms could be used by average developers as privacy attack vectors, harvesting data from the device without the users knowledge and consent. Expand
Testing Cross-Platform Mobile App Development Frameworks
Mobile app developers often wish to make their apps available on a wide variety of platforms, e.g., Android, iOS, and Windows devices. Each of these platforms uses a different programmingExpand
Comprehensive Analysis of Innovative Cross-Platform App Development Frameworks
This paper takes a closer look at three crossplatform frameworks, namely React Native, the Ionic Framework, and Fuse, and suggests that there is no clear winner. Expand
On the Feasibility of Malware Attacks in Smartphone Platforms
It is proved that, under certain circumstances, all examined platforms could be used by average developers as privacy attack vector, harvesting data from the device without the users knowledge and consent. Expand
Following Devil's Footprints: Cross-Platform Analysis of Potentially Harmful Libraries on Android and iOS
The research shows that most Android-side harmful behaviors have been preserved on their corresponding iOS libraries, and further identifies new evidence about libraries repackaging for harmful code propagations on both sides. Expand
A New Android Malware Detection Approach Using Bayesian Classification
This paper presents an effective approach to alleviate the problem of Android app marketplaces at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users based on Bayesian classification models obtained from static code analysis. Expand
Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications
This work proposes a service which is able to assess Android Market applications via static analysis and provide detailed, but readable reports to the user, and describes a means to mitigate security and privacy threats by automated reverse-engineering and refactoring binary application packages according to the users' security preferences. Expand