Detecting mobile malware threats to homeland security through static analysis

摘要

Recent years have seen the significant increase in the popularity of smartphones. This popularity has been accompanied with an equally alarming rise in mobile malware. Recently released mobile malware targeting Android devices have been found to specifically focus on root exploits to obtain root-level access and execute instructions from a remote server. Thus, this kind of mobile malware presents a significant threat to Homeland Security. This is possible because smartphones can serve as zombie devices which are then controlled by hackers' via a C&C server. In this paper, we discuss the defining characteristics inherent in mobile malware and show mobile attack scenarios which are feasible against Homeland Security. We also propose a static analysis tool, DroidAnalyzer, which identifies potential vulnerabilities of Android apps and the presence of root exploits. Then, we analyze various mobile malware samples and targeting apps such as banking, flight tracking and booking, home&office monitoring apps to examine potential vulnerabilities by applying DroidAnalyzer.