Testing Android Anti-Malware against Malware Obfuscations

is an increasing threat of malware on mobile. Since Android is the most popular and maximum sold mobile phone, the malware attack on Android mobile is increasing day by day. The commercial antimalware products available in the market can detect common and old malwares easily. Different types of transformations can be applied to a malware which make it difficult for antimalware to detect. The different transformations can be majorly classified into 1.Trivial transformations, 2.DSA (Detectable by static analysis) transformation, and 3.NSA (Not detectable by static analysis). Researchers have evaluated the strength of different commercial antimalware tools by passing the transformed malware samples to them and found that all the antimalware tools can be evaded by applying either a single transformation or combination of transformations. We propose to add more malware samples in the framework namely KMIN, PJAPPS, ROOTEXPLOIT, and YZHC. These are Android malware samples. We shall apply Trivial, DSA and combination of DSA transformations to them. After transformation, we pass them to Android mobile antimalware products Aegis Lab, Bkav Security, CM Security, Rinix, and Hornet and systematically evaluate them regarding their resistance against various transformations.