# Welcome to the baredroid wiki!
BareDroid is a scalable bare-metal malware-analysis platform for Android devices, the first infrastructure of this kind.
## Rationale of the approach
To analyze potentially malicious Android apps at scale, security researchers have developed a variety of virtualized analysis environments, such as Andrubis and Google's Bouncer. Virtualized environments are the go-to choice because they are inherently scalable. Unfortunately, malware authors are aware of this trend.
Researchers have recently evaluated virtualized Android analysis environments [1], and they have found more than 10,000 detection heuristics that an app can use to detect an emulated environment.
Despite the significant threat posed by emulator-aware Android malware (as it can evade all current analysis approaches), no solution to this problem has been proposed... until now...
BareDroid allows for bare-metal malware analysis on off-the-shelf Android devices, and it is designed to scale at a price point similar to the one offered by emulators.
[1] Jing, Yiming, et al. "Morpheus: automatically generating heuristics to detect Android emulators" Proceedings of the 30th Annual Computer Security Applications Conference. ACM, 2014.
## Publication
Simone Mutti, Yanick Fratantonio, Antonio Bianchi, Luca Invernizzi, Jacopo Corbetta, Christopher Kruegel, and Giovanni Vigna. "BareDroid: Large-Scale Analysis of Android Apps on Real Devices" Proceedings of the 31st Annual Computer Security Applications Conference. Los Angeles, CA, December 2015.
## Acknowledgement