Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications
Download: Paper (PDF)
Date: 22 Feb 2014
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2014
Android allows applications to load additional code from external sources at runtime. We demonstrate that this introduces vulnerabilities in a considerable number of benign applications, while it allows malware to evade offline analysis systems, such as the Google Bouncer. Finally, we propose a modification to Android to counter this threat.