Automatic Generation of Mobile Malwares Using Genetic Programming

  • Conference paper
Applications of Evolutionary Computation (EvoApplications 2015)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 9028)

Abstract

The number of mobile devices has increased dramatically in the past few years. These smart devices provide many useful functionalities accessible from anywhere at any time, such as reading and writing e-mails, surfing the Internet, showing facilities nearby, and the like. Hence, they have become an inevitable part of our daily lives. However, the popularity and adoption of mobile devices also attract virus writers who aim to harm our devices. Consequently, many security companies have already proposed new solutions to protect mobile devices from such malicious attempts. However, developing methodologies that detect unknown malware is a research challenge, especially on devices with limited resources. This study presents a method that automatically evolves variants of malware from the ones in the wild by using genetic programming (GP). We aim to evaluate the efficacy of current anti-virus products on the market that use static analysis techniques. The experimental results show the weaknesses of the static analysis tools available on the market, and the need for new detection techniques suitable for mobile devices.

Acknowledgement

This study is supported by the Scientific and Technological Research Council of Turkey (TUBITAK-112E354). We would like to thank TUBITAK for its support.

Corresponding author

Correspondence to Emre Aydogan.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Aydogan, E., Sen, S. (2015). Automatic Generation of Mobile Malwares Using Genetic Programming. In: Mora, A., Squillero, G. (eds) Applications of Evolutionary Computation. EvoApplications 2015. Lecture Notes in Computer Science, vol 9028. Springer, Cham. https://doi.org/10.1007/978-3-319-16549-3_60

  • DOI: https://doi.org/10.1007/978-3-319-16549-3_60

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-16548-6

  • Online ISBN: 978-3-319-16549-3

  • eBook Packages: Computer Science (R0)
