We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:


Current browse context:


Change to browse by:


References & Citations

DBLP - CS Bibliography


(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: A Longitudinal Study of Cryptographic API: a Decade of Android Malware

Abstract: Cryptography has been extensively used in Android applications to guarantee secure communications, conceal critical data from reverse engineering, or ensure mobile users' privacy. Various system-based and third-party libraries for Android provide cryptographic functionalities, and previous works mainly explored the misuse of cryptographic API in benign applications. However, the role of cryptographic API has not yet been explored in Android malware. This paper performs a comprehensive, longitudinal analysis of cryptographic API in Android malware. In particular, we analyzed $603\,937$ Android applications (half of them malicious, half benign) released between $2012$ and $2020$, gathering more than 1 million cryptographic API expressions. Our results reveal intriguing trends and insights on how and why cryptography is employed in Android malware. For instance, we point out the widespread use of weak hash functions and the late transition from insecure DES to AES. Additionally, we show that cryptography-related characteristics can help to improve the performance of learning-based systems in detecting malicious applications.
Comments: Fix processing time data
Subjects: Cryptography and Security (cs.CR)
Cite as: arXiv:2205.05573 [cs.CR]
  (or arXiv:2205.05573v4 [cs.CR] for this version)

Submission history

From: Adam Janovsky [view email]
[v1] Wed, 11 May 2022 15:39:57 GMT (1375kb,D)
[v2] Wed, 18 May 2022 08:58:37 GMT (688kb,D)
[v3] Tue, 5 Jul 2022 09:04:51 GMT (1496kb,D)
[v4] Wed, 6 Jul 2022 19:59:46 GMT (1496kb,D)

Link back to: arXiv, form interface, contact.