
Article Information

  • Title: DWroidDump: Executable Code Extraction from Android Applications for Malware Analysis
  • Authors: Dongwoo Kim; Jin Kwak; Jaecheol Ryou
  • Journal: International Journal of Distributed Sensor Networks
  • Print ISSN: 1550-1329
  • Electronic ISSN: 1550-1477
  • Publication year: 2015
  • Volume: 2015
  • DOI: 10.1155/2015/379682
  • Publisher: Hindawi Publishing Corporation
  • Abstract: We suggest an idea to dump executable code from memory for malicious application analysis on the Android platform. Malicious applications are getting enhanced in terms of antianalysis techniques. Recently, sophisticated malicious applications have been found, which are not decompiled and debugged by existing analysis tools. It becomes a serious threat to services related to embedded devices based on Android. Thus, we have implemented the idea to obtain main code from the memory by modifying a part of the Dalvik Virtual Machine of Android. As a result, we have confirmed that the executable code is completely obtainable. In this paper, we introduce the existing analysis techniques for Android applications, and antianalysis techniques. We then describe the proposed method with a sample malicious application which has strong antianalysis techniques.