Android Malware Threats: A Strengthened Reverse Engineering Approach to Forensic Analysis
DOI: https://doi.org/10.14421/jiska.2025.10.1.122-138
Keywords: Malware Android, Reverse Engineering, Android Security, Digital Forensic, Cybersecurity
Abstract
The widespread adoption of Android devices has rendered them a primary target for malware attacks, resulting in substantial financial losses and significant breaches of user privacy. Malware can exploit system vulnerabilities to execute unauthorized premium SMS transactions, exfiltrate sensitive data, and install additional malicious applications. Conventional detection methodologies, such as static and dynamic analysis, often prove inadequate in identifying deeply embedded malicious behaviors. This study introduces a systematic reverse engineering framework for analyzing suspicious Android applications. In contrast to traditional approaches, the proposed methodology consists of six distinct stages: initialization, decompilation, static analysis, code reversing, behavioral analysis, and reporting. This structured process facilitates a comprehensive examination of an application's internal mechanisms, enabling the identification of concealed malware functionalities. The findings of this study demonstrate that the proposed method attains an overall effectiveness of 84.3%, surpassing conventional static and dynamic analysis techniques. Furthermore, this research generates a detailed list of files containing specific malware indicators, thereby enhancing future malware detection and prevention systems. These results underscore the efficacy of reverse engineering as a critical tool for understanding and mitigating sophisticated Android malware threats.
License
Copyright (c) 2025 Ridho Surya Kusuma, M Dirga Purnomo Putra

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Authors who publish with this journal agree to the following terms as stated in http://creativecommons.org/licenses/by-nc/4.0
a. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
b. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
c. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.