* ICSE 2018 *
Sun 27 May - Sun 3 June 2018 Gothenburg, Sweden
Wed 30 May 2018 17:00 - 17:20 at J1 room - Empirical Software Engineering Chair(s): Marija Mikic

The Android platform has been the dominant mobile platform in recent years resulting in millions of apps and security threats against those apps. Anti-malware products aim to protect smartphone users from these threats, especially from malicious apps. However, malware authors use code obfuscation on their apps to evade detection by anti-malware products. To assess the effects of code obfuscation on Android apps and anti-malware products, we have conducted a large-scale empirical study that evaluates the effectiveness of the top anti-malware products against various obfuscation tools and strategies. To that end, we have obfuscated 3,000 benign apps and 3,000 malicious apps and generated 73,362 obfuscated apps using 29 obfuscation strategies from 7 open-source, academic, and commercial obfuscation tools. The findings of our study indicate that (1) code obfuscation significantly impacts Android anti-malware products; (2) the majority of anti-malware products are severely impacted by even trivial obfuscations; (3) in general, combined obfuscation strategies do not successfully evade anti-malware products more than individual strategies; (4) the detection of anti-malware products depend not only on the applied obfuscation strategy but also on the leveraged obfuscation tool; (5) anti-malware products are slow to adopt signatures of malicious apps; and (6) code obfuscation often results in changes to an app’s semantic behaviors.

Presentation Slides (icse2018_obfuscation_v6.pptx)6.77MiB

Wed 30 May
Times are displayed in time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

16:00 - 18:00: Technical Papers - Empirical Software Engineering at J1 room
Chair(s): Marija MikicGoogle
icse-2018-Technical-Papers16:00 - 16:20
Christoph Mayr-DornJohannes Kepler University Linz, Alexander Egyed
DOI Pre-print
icse-2018-Technical-Papers16:20 - 16:40
Lingling FanEast China Normal University, China/Nanyang Technological University, Singapore, Ting SuNanyang Technological University, Singapore, Sen ChenNanyang Technological University, Guozhu MengNanyang Technological University, Singapore, Yang LiuNanyang Technological University, Singapore, Lihua Xu, Geguang Pu, Zhendong SuUniversity of California, Davis
DOI Pre-print File Attached
icse-2018-Journal-first-papers16:40 - 17:00
Link to publication DOI
icse-2018-Technical-Papers17:00 - 17:20
Mahmoud HammadUniversity of California, Irvine, Joshua Garcia, Sam MalekUniversity of California, Irvine
DOI Pre-print Media Attached File Attached
icse-2018-Journal-first-papers17:20 - 17:40
Nemitari Ajienka, Andrea CapiluppiBrunel University, Steve CounsellBrunel University London
Link to publication DOI Media Attached
icse-2018-Technical-Papers17:40 - 18:00