Keywords

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

In this book, we present an overview of existing Android malware and further systematically characterize their behavior from different perspectives. The characterization is made possible with our more than one-year effort in collecting \(1260\) Android malware samples in \(49\) different families, which covers the majority of existing Android malware, ranging from its debut in August 2010 to the end of 2011. By characterizing these malware samples from various aspects, our results show that (1) \(86.0\,\%\) of them repackage legitimate apps to include malicious payloads; (2) \(36.7\,\%\) contain platform-level exploits to escalate privilege; (3) \(93.0\,\%\) communicate with remote servers and/or exhibit bot-like functionality. A further in-depth evolution analysis of representative Android malware shows the rapid development and increased sophistication, posing significant challenges for their detection. As existing mobile security solutions still lag behind, these results call for the need to better develop next-generation anti-mobile-malware solutions.