Paper Info
Title
AndroTotal: a flexible, scalable toolbox and service for testing mobile malware detectors
Abstract
Although there are controversial opinions regarding how large the mobile malware phenomenon is in terms of absolute numbers, hype aside, the amount of new Android malware variants is increasing. This trend is mainly due to the fact that, as it happened with traditional malware, the authors are striving to repackage, obfuscate, or otherwise transform the executable code of their malicious apps in order to evade mobile security apps. There are about 85 of these apps only on the official marketplace. However, it is not clear how effective they are. Indeed, the sandboxing mechanism of Android does not allow (security) apps to audit other apps. We present AndroTotal, a publicly available tool, malware repository and research framework that aims at mitigating the above challenges, and allow researchers to automatically scan Android apps against an arbitrary set of malware detectors. We implemented AndroTotal and released it to the research community in April 2013. So far, we collected 18,758 distinct submitted samples and received the attention of several research groups (1,000 distinct accounts), who integrated their malware-analysis services with ours.
Year
DOI
Venue
2013
10.1145/2516760.2516768
SPSM@CCS
Keywords
Field
DocType
research community,traditional malware,android apps,scalable toolbox,malware repository,mobile malware detector,malicious apps,malware detector,mobile security apps,research framework,mobile malware phenomenon,research group,android,malware,testing
Mobile malware,Sandbox (computer security),Cryptovirology,Internet privacy,World Wide Web,Android (operating system),Computer security,Computer science,Toolbox,Obfuscation,Malware,Executable
Conference
Citations 
PageRank 
References 
22
1.02
10
Authors
3
Name
Order
Citations
PageRank
Federico Maggi152437.68
Andrea Valdi2231.37
Stefano Zanero373653.78