loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Authors: Adam Janovsky 1 ; Davide Maiorca 2 ; Dominik Macko 1 ; Vashek Matyas 1 and Giorgio Giacinto 2

Affiliations: 1 Masaryk University, Czech Republic ; 2 University of Cagliari, Italy

Keyword(s): Cryptographic API, Malware, Android, Malware Detection.

Abstract: Cryptography has been extensively used in Android applications to guarantee secure communications, conceal critical data from reverse engineering, or ensure mobile users’ privacy. Various system-based and third-party libraries for Android provide cryptographic functionalities, and previous works mainly explored the misuse of cryptographic API in benign applications. However, the role of cryptographic API has not yet been explored in Android malware. This paper performs a comprehensive, longitudinal analysis of cryptographic API in Android malware. In particular, we analyzed 603937 Android applications (half of them malicious, half benign) released between 2012 and 2020, gathering more than 1 million cryptographic API expressions. Our results reveal intriguing trends and insights on how and why cryptography is employed in Android malware. For instance, we point out the widespread use of weak hash functions and the late transition from insecure DES to AES. Additionally, we show that cr yptography-related characteristics can help to improve the performance of learning-based systems in detecting malicious applications. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.216.174.32

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Janovsky, A.; Maiorca, D.; Macko, D.; Matyas, V. and Giacinto, G. (2022). A Longitudinal Study of Cryptographic API: A Decade of Android Malware. In Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-590-6; ISSN 2184-7711, SciTePress, pages 121-133. DOI: 10.5220/0011265300003283

@conference{secrypt22,
author={Adam Janovsky. and Davide Maiorca. and Dominik Macko. and Vashek Matyas. and Giorgio Giacinto.},
title={A Longitudinal Study of Cryptographic API: A Decade of Android Malware},
booktitle={Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT},
year={2022},
pages={121-133},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0011265300003283},
isbn={978-989-758-590-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT
TI - A Longitudinal Study of Cryptographic API: A Decade of Android Malware
SN - 978-989-758-590-6
IS - 2184-7711
AU - Janovsky, A.
AU - Maiorca, D.
AU - Macko, D.
AU - Matyas, V.
AU - Giacinto, G.
PY - 2022
SP - 121
EP - 133
DO - 10.5220/0011265300003283
PB - SciTePress