
2021 | OriginalPaper | Chapter

Mobile Malware Forensic Review: Issues and Challenges

Authors: Abdullah Mujawib Alashjaee, Nawaf Almolhis, Michael Haney

Published in: Advances in Security, Networks, and Internet of Things

Publisher: Springer International Publishing


Abstract

In this paper, recent scholastic research conducted by various groups in the field of mobile malware detection, analysis, and associated forensic techniques is reviewed. Information on mobile malware evolution, investigative procedures, methodologies on detection, current tools, and related implications is presented. The purpose of this work is to provide insights into the mobile malware industry and a better understanding of the current tools and techniques in mobile malware forensics. Special consideration has been given to mobile malware detection and analysis architecture to gain a clear picture of how specialized tools and techniques are used in investigating incidents involving mobile malware. Practical implications of implementing conventional malware forensic techniques in mobile malware forensics are also presented.


Metadata
Title
Mobile Malware Forensic Review: Issues and Challenges
Authors
Abdullah Mujawib Alashjaee
Nawaf Almolhis
Michael Haney
Copyright Year
2021
DOI
https://doi.org/10.1007/978-3-030-71017-0_26