Utilizing AspectJ for Defense Against Evasive Malware Attacks in Android System

Abstract

Introduction

Mobile devices have become an integral part of our digital lives, facilitating various tasks and storing a treasure trove of sensitive information. However, as more people utilize mobile devices, sophisticated cyber threats are emerging to elude traditional security measures.

Method

The use of evasion techniques by malicious actors presents a significant challenge to mobile security, necessitating creative solutions. In this work, we investigate the potential critical role that the aspect-oriented programming paradigm AspectJ can play in strengthening mobile security against evasion attempts. Evasion techniques cover a wide range of tactics, including runtime manipulation, code obfuscation, and unauthorized data access.

Results

These tactics usually aim to bypass detection and avoid security measures. To address these issues, this paper uses AspectJ to give developers a flexible and dynamic way to add aspects to their code structures so they can monitor, intercept, and respond to evasive actions. It illustrates how AspectJ can improve mobile security and counteract the long-lasting risks that evasion techniques present in a dynamic threat landscape.

Conclusion

Consequently, this work proposes a novel defense mechanism that incorporates AspectJ into a security paradigm against evasion, achieves 91.33% accuracy, and demonstrates the successful detection of evasive attacks.

/content/journals/rascs/10.2174/0126662558308040241009061506
2024-10-18
2024-11-22
  • Article Type:
    Research Article
Keywords: taint analysis ; AspectJ ; evasion ; aspect-oriented programming ; malware protection