ANALISIS MALWARE ANDROID MENGGUNAKAN METODE REVERSE ENGINEERING

Authors

  • Frenvol De Santonario Magno Moises, Universitas Amikom Yogyakarta
  • Joko Dwi Santoso, Universitas Amikom Yogyakarta

DOI:

https://doi.org/10.54066/jikma-itb.v1i2.169

Keywords:

Android, APK, Malware, Reverse engineering

Abstract

Rapid progress has been made in the development of Android-based smartphone technology. Communication, shopping and financial transactions are just a few of the daily tasks that people perform with their smartphones. Android, on the other hand, is an open-source operating system that makes it easy for anyone to create Android apps that can be accessed via a smartphone. Among these applications are ones embedded with malicious code, such as malware. The analysis was carried out with samples of Trojan malware in the syssecApp.apk application using the reverse engineering method. The reverse engineering of the Trojan malware was done with the tools APKTOOL and JD-GUI. This research will analyze the syssecApp.apk application, which is infected with Trojan malware, using the reverse engineering method. The analysis of the syssecApp.apk application found that an IP host receiver is contained in the source code of syssecApp.apk.

Published

2023-04-01

How to Cite

Frenvol De Santonario Magno Moises, & Joko Dwi Santoso. (2023). ANALISIS MALWARE ANDROID MENGGUNAKAN METODE REVERSE ENGINEERING. Jurnal Ilmiah Dan Karya Mahasiswa, 1(2), 41–53. https://doi.org/10.54066/jikma-itb.v1i2.169