Home > Foreign-language journals > Digital investigation > BLADE: Robust malware detection against obfuscation in android

BLADE: Robust malware detection against obfuscation in android


Abstract

Android OS popularity has given significant rise to malicious apps targeting it. Malware uses state-of-the-art obfuscation methods to hide its functionality and evade anti-malware engines. We present BLADE, a novel obfuscation-resilient system based on Opcode Segments for detection. It makes three contributions: Firstly, a novel Opcode Segment Document results in feature characterization resilient to obfuscation techniques. Secondly, we perform semantics-based simplification of Dalvik opcodes to enhance the resilience. Thirdly, we evaluate the effectiveness of BLADE against different obfuscation techniques such as trivial obfuscation, string encryption, class encryption, reflection and their combinations. Our approach is found effective, accurate and resilient when tested against benchmark datasets for malware detection, familial classification, malware type detection, obfuscation type detection and obfuscation-resilient familial classification. (c) 2021 Elsevier Ltd. All rights reserved.