A distributed approach to malware analysis (BruCON 0x06 - Daan Raman)

Daan Raman
September 25, 2014

In this presentation, we will discuss the advantages of a distributed online mobile malware scanning service for Android. A range of distributed clients can contribute malware scanning results to the service and share them through it.

In our proof-of-concept called "ApkScan", we’ve implemented several clients that analyze Android samples in a distributed manner. Each client combines static and dynamic analysis techniques to get an understanding of the potential maliciousness of an Android application. Each sample can be analyzed in parallel by a number of clients. Scan results generated by these clients can then be requested and further analyzed through an online API which we will introduce and make public during BruCON.

Finally, we will present statistics on modern Android malware that has been analyzed by ApkScan over the past year. In that time period, more than 25,000 unique user-submitted and app store samples were analyzed.