Reverse Engineering for Static Analysis of Android Malware in Instant Messaging Apps

Authors

  • I Gede Adnyana Adnyana, Institut Bisnis dan Teknologi Indonesia
  • Putu Gede Surya Cipta Nugraha, Institut Bisnis dan Teknologi Indonesia
  • Bagus Rahmat Adin Nugroho, Institut Bisnis dan Teknologi Indonesia

DOI:

10.47709/cnahpc.v6i3.4417

Keywords:

Android Malware, Reverse Engineering, Sensitive Permissions, Static Analysis, Privacy and Security

Abstract

Malware poses a significant threat to Android devices due to their high prevalence and vulnerability to attacks. Analyzing malware on these devices is crucial given the persistent and sophisticated threats targeting Android users. Static analysis of Android malware is a key approach used to detect malicious software without executing the application. This method involves meticulously examining the application's source code or binaries to identify signs of suspicious or harmful activities. The research methodology consists of three stages. The first stage involves collecting malware samples spread through instant messaging applications. The second stage employs reverse engineering, where APK files are decompiled to extract their contents. Following this, a static analysis is conducted, focusing on the AndroidManifest.xml file and the source code to identify the behavior and potential threats posed by the malware. The static analysis results revealed that Android malware often requests sensitive permissions to access personal data, such as receiving, reading, and sending SMS, as well as accessing location and contacts. Further analysis uncovered that after acquiring this data, the malware transmits it to the Telegram API via authenticated HTTP requests using specific tokens and chat_ids. These findings highlight that the permissions requested by the malware are designed to clandestinely collect and export personal data, posing a severe threat to the privacy and security of Android users.
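The two checks the abstract describes (sensitive permissions in AndroidManifest.xml, then Telegram Bot API endpoints and chat_ids in the decompiled source) can be sketched as a static triage script. This is an added example, not code from the paper; it assumes the manifest has already been decoded to text XML, and the sample inputs, package name, token placeholder and function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Permissions named in the abstract: receive/read/send SMS, location, contacts.
SENSITIVE = {"android.permission." + p for p in (
    "RECEIVE_SMS", "READ_SMS", "SEND_SMS", "READ_CONTACTS",
    "ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION")}
# Telegram Bot API URL shape: api.telegram.org/bot<bot_id>:<secret>/<method>
BOT_URL = re.compile(r"api\.telegram\.org/bot(\d{6,12}):[A-Za-z0-9_-]{30,}/(\w+)")
CHAT_ID = re.compile(r"chat_id\W{0,6}?(-?\d{5,})")

# Constructed sample inputs (not taken from the paper's malware samples).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""
SAMPLE_SOURCE = '''
String url = "https://api.telegram.org/bot000000000:EXAMPLE_PLACEHOLDER_TOKEN_0000000000000/sendMessage";
String body = "chat_id=123456789&text=" + smsBody;
'''

def sensitive_permissions(manifest_xml):
    """Return the sorted sensitive permissions a decoded manifest requests."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    return sorted(requested & SENSITIVE)

def telegram_indicators(source_text):
    """Collect bot ids, API methods and chat_ids; the token secret is not kept."""
    hits = {"bot_ids": set(), "methods": set(), "chat_ids": set()}
    for m in BOT_URL.finditer(source_text):
        hits["bot_ids"].add(m.group(1))
        hits["methods"].add(m.group(2))
    hits["chat_ids"].update(CHAT_ID.findall(source_text))
    return hits

def triage(manifest_xml, source_text):
    """Flag an app that pairs sensitive permissions with a hardcoded bot endpoint."""
    perms = sensitive_permissions(manifest_xml)
    tg = telegram_indicators(source_text)
    return {"permissions": perms, "telegram": tg,
            "flag": bool(perms) and bool(tg["bot_ids"])}

if __name__ == "__main__":
    print(triage(SAMPLE_MANIFEST, SAMPLE_SOURCE))
```

Neither signal is conclusive on its own: legitimate apps request SMS or contacts permissions, and legitimate apps call the Telegram Bot API, so the flag is set only when both appear together.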

Article History

Submitted Date: 2024-07-28
Accepted Date: 2024-07-28
Published Date: 2024-07-31

How to Cite

Adnyana, I. G. A., Nugraha, P. G. S. C., & Nugroho, B. R. A. (2024). Reverse Engineering for Static Analysis of Android Malware in Instant Messaging Apps. Journal of Computer Networks, Architecture and High Performance Computing, 6(3), 1460-1469. https://doi.org/10.47709/cnahpc.v6i3.4417