Android Malware Threats: A Strengthened Reverse Engineering Approach to Forensic Analysis

Authors

  • Ridho Surya Kusuma, Universitas Siber Muhammadiyah
  • M Dirga Purnomo Putra, Universitas Siber Muhammadiyah

DOI:

https://doi.org/10.14421/jiska.2025.10.1.122-138

Keywords:

Malware Android, Reverse Engineering, Android Security, Digital Forensic, Cybersecurity

Abstract

The increasing prevalence of Android devices has made them prime targets for malware attacks. These malicious programs pose a significant threat, causing financial loss through unauthorized premium-rate SMS messages and jeopardizing user privacy by stealing sensitive data such as login credentials and contact information. Even more concerning is the potential for downloaded malware to further compromise the device by installing additional malicious applications. To combat this growing menace, researchers are actively exploring methods to identify and mitigate these threats. This study investigates the effectiveness of reverse engineering as a tool for analyzing suspicious Android applications. Reverse engineering involves meticulously disassembling the application's code, deconstructing its functionalities, and revealing its underlying mechanisms. By applying this technique to a suspected malware-infected application, we uncovered its malicious capabilities. The analysis used six stages: initialization, decompilation, static analysis, code reversing, behavioral analysis, and reporting. This research underscores the power of reverse engineering as a valuable tool for deconstructing the functionalities of Android malware. By understanding how these malicious programs operate, we can develop more robust detection and prevention methods to safeguard Android users from these evolving threats. This research successfully obtained data and information about the virus and the number of attackers. The results also include a list of specific files that contain malware indicators, so that it can be used in the future to enhance detection systems.

Published

2025-01-31

How to Cite

Kusuma, R. S., & Putra, M. D. P. (2025). Android Malware Threats: A Strengthened Reverse Engineering Approach to Forensic Analysis. JISKA (Jurnal Informatika Sunan Kalijaga), 10(1), 122–138. https://doi.org/10.14421/jiska.2025.10.1.122-138