DroidChameleon: Evaluating Android Anti-Malware Against Transformation Attacks
Mobile malware threats (e.g., on Android) have recently become a real concern. In this paper, the authors evaluate the state-of-the-art commercial mobile anti-malware products for Android and test how resistant they are against various common obfuscation techniques (even with known malware). Such an evaluation is important for not only measuring the available defense against mobile malware threats but also proposing effective, next-generation solutions. They developed DroidChameleon, a systematic framework with various transformation techniques, and used it for their study. Their results on ten popular commercial anti-malware applications for Android are worrisome: none of these tools is resistant against common malware transformation techniques.