Using Dalvik opcodes for malware detection on android
2017; Oxford University Press; Volume: 25; Issue: 6; Language: English
10.1093/jigpal/jzx031
ISSN 1368-9894
Authors: José Gaviria de la Puerta, Borja Sanz,
Topic(s): Software Engineering Research
Abstract: Over the last few years, computers and smartphones have become essential tools in our ways of communicating with each other. Nowadays, the number of applications in the Google store has grown exponentially; therefore, malware developers have introduced malicious applications in that market. The Android system uses the Dalvik virtual machine. Through reverse engineering, we may be able to get the different opcodes for each application. For this reason, in this paper an approach to detect malware on Android is presented, using reverse-engineering techniques and putting an emphasis on the operational codes used by these applications. After obtaining these opcodes, machine learning techniques are used to classify apps.