Using Implicit Calls to Improve Malware Dynamic Execution
Résumé
The number of Android malware has been increasing for the last 5 years. These malware use more often evasion techniques to hide their malicious intent and avoid analysis tools. In this work, we focus on triggering the most suspicious parts of code in malicious applications in order to monitor their behaviors using dynamic analysis tools for a better understanding of their activities. To do this, a global control flow graph (CFG) is used to exhibit an execution path to reach specific parts of code. Here we explain why using only explicit interprocedural calls may lead to a partial build of the CFG. In this poster, we explain that concept and propose a solution that improves malicious code reachability by means of integrating implicit calls.
Domaines
Cryptographie et sécurité [cs.CR]
Origine : Fichiers produits par l'(les) auteur(s)