Issue

Vol 3, No 1, February-2018

Analysis of Uapush Malware Infection using Static and Behavior Method on Android

https://doi.org/10.22219/kinetik.v3i1.265
Syaifuddin Syaifuddin
Universitas Muhammadiah Malang
Zamah Sari
Universitas Muhammadiyah Malang
Mohammad Khairul Masduqi
Universitas Muhammadiyah Malang

Corresponding Author(s) : Syaifuddin Syaifuddin

saifuddin@umm.ac.id

Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, Vol 3, No 1, February-2018

Abstract

This research combines static and behavior analysis to detect malwares on Android system. The analysis process was completed by implementing analysis process on a malware-infected application running on an Android device. The analysis process was implemented based on specific stages, started from implementing behavior analysis on a malware-infected application running on Android device. Moreover, this behavior analysis ran the application on an Android emulator; afterwards, the file processing running on Android would be analyzed using the tool designed on this research to determine whether or not the executed application has been infected by malware. By utilizing behavior analysis, this research aimed to construct LiME kernel module being able to be executed on Android to collect data running on Android memory. This collected data would be analyzed further using volatility as data scanning. The second analysis utilized static analysis by checking the application on android system before running. During the static analysis, the application extraction was executed to generate some files to be analyzed to verify malware infection.

Keywords

Malware Android Virtualization Uapush
Syaifuddin, S., Sari, Z., & Masduqi, M. K. (2018). Analysis of Uapush Malware Infection using Static and Behavior Method on Android. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control, 3(1), 81-90. https://doi.org/10.22219/kinetik.v3i1.265
Download Citation
Endnote/Zotero/Mendeley (RIS)
BibTeX
References
  1. A. Kurniawan and Y. Prayudi, “Live Forensics Technique on Zeus Malware Activities to Support Malware Forensic Investigation,” HADFEX (Hacking Digital Forensics Exposed), June 2014, Pp. 1–5, 2014.
  2. R. Novrianda, Y. N. Kunang, and P. H. Shaksono, “Malware Forensics Analysis in Android Platform,” 2014.
  3. P. Richardus and E. Indrajit, “Malware Analysis.”
  4. R. A. Pangestu, “Analysis of Top 3 High Level Malware Infections on Zeroaccess, Alureon.dx, and Zeus using Digital Forensics based on Volatile Memory in Windows XP and Windows 7 Operation Systems,” University of Stuttgart, No. 9560291, Pp. 2–4, 2012.
  5. N. Threat, I. Report, N. Security, N. Threat, and I. Laboratories, “Nokia Threat Intelligence Report,” 2016.
  6. Y.-H. C. Ming-yang su, Kek-Tung Fung, Yu-Hao Huang, and Ming-Zhi Kang, “Detection of Android Malware: Combined with Static Analysis and Dynamic Analysis,” IEEE, Pp. 1013–1018, 2016.
  7. M. F. Agung, “Basic Concept of Malware Analysis,” 2011.
  8. R. Adenansi and L. A. Novarina, “Malware Dynamic,” Vol. 1, Pp. 37–43, 2017.
  9. F. Freiling, “Practical Infeasibility of Android Smartphone Live Forensics,” Practical Infeasibility of Android Smartphone Live Forensics, 2015.
  10. Carbone, Richard. “Malware Memory Analysis of the IVYL Linux Rootkit: Investigating a Publicly Available Linux Rootkit Using the Volatility Memory Analysis Framework,” Defence Research and Development Canada-Valcartier Research Centre Quebec, Quebec Canada, 2015.
Read More
Author biographies is not available.
Download this PDF file
PDF
Statistic
Read Counter : 1066 Download : 532

Downloads

Download data is not yet available.