All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Explaining the Use of Cryptographic API in Android Malware

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F23%3A00131871" target="_blank" >RIV/00216224:14330/23:00131871 - isvavai.cz</a>

  • Result on the web

    <a href="http://dx.doi.org/10.1007/978-3-031-45137-9_4" target="_blank" >http://dx.doi.org/10.1007/978-3-031-45137-9_4</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1007/978-3-031-45137-9_4" target="_blank" >10.1007/978-3-031-45137-9_4</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Explaining the Use of Cryptographic API in Android Malware

  • Original language description

    Cryptography allows for guaranteeing secure communications, concealing critical data from reverse engineering, or ensuring mobile users’ privacy. Android malware developers extensively leveraged cryptographic libraries to obfuscate and hide malicious behavior. Various system-based and third-party libraries provide cryptographic functionalities for Android, and their use and misuse by application developers have already been documented. This paper analyzes the use of cryptographic APIs in Android malware by comparing them to benign Android applications. In particular, Android applications released between 2012 and 2020 have been analyzed, and more than 1 million cryptographic API expressions have been gathered. We created a processing pipeline to produce a report to reveal trends and insights on how and why cryptography is employed in Android malware. Results showed that the usage of cryptographic APIs in malware differs from that made in benign applications. The different patterns in the use of cryptographic APIs in malware and benign applications have been further analyzed through the explanations of Android malware detectors based on machine learning approaches, showing how crypto-related features can improve detection performances. We observed that the transition to more robust cryptographic techniques is slower in Android malware than in benign applications.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10200 - Computer and information sciences

Result continuities

  • Project

    <a href="/en/project/GA20-03426S" target="_blank" >GA20-03426S: Examining and improving security of elliptic curve cryptography</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2023

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    E-Business and Telecommunications

  • ISBN

    9783031451362

  • ISSN

    1865-0929

  • e-ISSN

  • Number of pages

    29

  • Pages from-to

    69-97

  • Publisher name

    Springer Nature Switzerland

  • Place of publication

    Cham

  • Event location

    Cham

  • Event date

    Jan 1, 2023

  • Type of event by nationality

    CST - Celostátní akce

  • UT code for WoS article

Similar results(10)

A Longitudinal Study of Cryptographic API: a Decade of Android MalwareImplementation of Revocable Keyed-Verification Anonymous Credentials on Java CardTechniques that Allow Hidden Activity Based Malware on Android Mobile Devices