Dissecting Android Cryptocurrency Miners

05/07/2019
by Stanislav Dashevskyi, et al.

Cryptojacking applications pose a serious threat to mobile devices. Because of their extensive computations, they deplete the battery quickly and can even damage the device. In this work, we take a step towards combating this threat. We collected and manually verified a large dataset of Android mining apps. We analyzed the collected miners and identified how they work, which libraries and APIs are most commonly used to facilitate their development, and which static features are typical for this class of applications. We also analyzed our dataset with VirusTotal. The majority of our samples are considered malicious by at least one VirusTotal scanner, but 16 apps are not detected by any engine, and at least 5 APKs had not previously been seen by the service. Mining code can be obfuscated or fetched at runtime, and there are many confusing miner-related apps that do not actually mine. Thus, static features alone are not sufficient for miner detection. We collected a feature set of dynamic metrics for both miners and unrelated benign apps, and built a machine learning-based tool for dynamic detection. Our tool, dubbed BrenntDroid, is able to detect miners with 95

research
07/01/2020

Mobile Botnet Detection: A Deep Learning Approach Using Convolutional Neural Networks

Android, being the most widespread mobile operating systems is increasin...
research
12/13/2021

FirmwareDroid: Security Analysis of the Android Firmware EcoSystem

The Android Open Source Project (AOSP) is probably the most used and cus...
research
11/30/2018

Security Code Smells in Android ICC

Android Inter-Component Communication (ICC) is complex, largely unconstr...
research
03/08/2022

TriggerZoo: A Dataset of Android Applications Automatically Infected with Logic Bombs

Many Android apps analyzers rely, among other techniques, on dynamic ana...
research
06/04/2020

Automatic Feature Extraction, Categorization and Detection of Malicious Code in Android Applications

Since Android has become a popular software platform for mobile devices ...
research
12/20/2021

Difuzer: Uncovering Suspicious Hidden Sensitive Operations in Android Apps

One prominent tactic used to keep malicious behavior from being detected...
research
02/03/2017

LeakSemantic: Identifying Abnormal Sensitive Network Transmissions in Mobile Applications

Mobile applications (apps) often transmit sensitive data through network...
