Feeds

CompSci eggheads to map Android malware genome

Aim for taxonomy of droid ills

Next gen security for virtualised datacentres

Mobile security researchers are teaming up to share samples and data on malware targeting the Android platform.

The Android Malware Genome Project, spearheaded by Xuxian Jiang, a computer science researcher at North Carolina State University, aims to boost collaboration in defending against the growing menace of mobile malware targeting smartphones from the likes of HTC and Samsung which are based on Google's mobile operating system platform.

The NC State team led by Xuxian was the first to identify dozens of Android malware programs, including DroidKungFu and GingerMaster.

The project is designed to facilitate the sharing of Android malware code between security researchers, along the same lines as the long-standing malware sample sharing projects already set up by Windows anti-virus software developers. The project has already collected more than 1,200 pieces of Android malware.

Xuxian explains that rapid access by security researchers to Android malware is needed because "our defence capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples".

The project not only wants to enable the sharing of mobile malware samples but also to facilitate work to create a taxonomy of Android malware, with the aim of helping to create improved security defences, which the NC State team argue are currently falling well short of delivering effective protection.

In this project, we focus on the Android platform and aim to systematise or characterise existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads.

The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments in November, 2011, show that the best case detects 79.6 per cent of them while the worst case detects only 20.2 per cent in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions.

Xuxian explained that the project was particularly targeted at academic researchers and was designed to supplement vendor-led efforts at mobile malware exchange and analysis.

"I am aware of some malware-exchanging programmes between these vendors, either for Windows-based malware or Android-based malware," he told El Reg. "However, it seems hard for independent researchers or academic researchers to be involved.

"Great innovations can also come from research labs in academia. This is one main reason why we are promoting and sharing Android malware samples for research purposes. Also, notice that Android malware is still at the early stage and rapidly evolving. With this timing, the sharing becomes extremely important."

The project was announced at IEEE Symposium on Security and Privacy in San Francisco on Tuesday. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Barnes & Noble: Swallow a Samsung Nook tablet, please ... pretty please
Novelslab finally on sale with ($199 - $20) price tag
Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws
Yep, that one place you'd hoped you wouldn't find 'em
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Primetime precrime? Minority Report TV series 'being developed'
I have to know. I have to find out what happened to my life
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.