Skip to content
2000
Volume 18, Issue 6
  • ISSN: 2666-2558
  • E-ISSN: 2666-2566

Abstract

Introduction

Mobile devices have become an integral part of our digital lives, facilitating various tasks and storing a treasure trove of sensitive information. However, as more people utilize mobile devices, sophisticated cyber threats are emerging to elude traditional security measures.

Methods

The use of evasion techniques by malicious actors presents a significant challenge to mobile security, necessitating creative solutions. In this work, we investigate the potential critical role that the aspect-oriented programming paradigm AspectJ can play in strengthening mobile security against evasion attempts. Evasion techniques cover a wide range of tactics, including runtime manipulation, code obfuscation, and unauthorized data access.

Results

These tactics usually aim to bypass detection and avoid security measures. In order to address the aforementioned issues, this paper uses AspectJ to give developers a flexible and dynamic way to add aspects to their coding structures so they can monitor, intercept, and respond to evasive actions. It illustrates how AspectJ can improve mobile security and counteract the long-lasting risks that evasion techniques present in a dynamic threat landscape.

Conclusion

Consequently, this work proposes a novel defense mechanism incorporating AspectJ into a significant paradigm of security against evasion with 91.33% accuracy and demonstrates the successful detection of evasive attacks.

© 2025 Bentham Science Publishers
Loading

Article metrics loading...

/content/journals/rascs/10.2174/0126662558308040241009061506
2024-10-18
2025-10-11

  • From This Site

    /content/journals/rascs/10.2174/0126662558308040241009061506
    dcterms_title,dcterms_subject,pub_keyword
    -contentType:Contributor -contentType:Concept -contentType:Institution
    10
    5
Loading full text...

Full text loading...

References

  1. GargS. BaliyanN. Comparative analysis of Android and iOS from security viewpoint.Comput. Sci. Rev.20214010037210.1016/j.cosrev.2021.100372
     [Google Scholar]
  2. NazarM. RusmanR. PutriI. PuspitaK. Developing an android-based game for chemistry learners and its usability assessment.Int. J. Interact. Mob. Technol.2020141511112410.3991/ijim.v14i15.14351
     [Google Scholar]
  3. BakourK. ÜnverH.M. GhanemR. The Android malware detection systems between hope and reality.SN Appl. Sci.201919112010.1007/s42452‑019‑1124‑x
     [Google Scholar]
  4. KumarV. The Economic Value of Digital DisruptionSpringerSingapore202310.1007/978‑981‑19‑8148‑7
     [Google Scholar]
  5. KumarS. Making the case for stealthy, reliable, and low-overhead android malware detection and classification.Doctor of Philosophy, Indian Institute of Technology Kanpur2022
     [Google Scholar]
  6. NatesanS. GuptaM.R. IyerL.N. SharmaD. Detection of data leaks from android applications.2020 Second International Conference on Inventive Research in Computing Applications (ICIRCA)Coimbatore, India, 2020, pp. 326-332.10.1109/ICIRCA48905.2020.9183066
     [Google Scholar]
  7. GambaJ. RashedM. RazaghpanahA. TapiadorJ. Vallina-RodriguezN. An analysis of pre-installed android software.IEEE Symposium on Security and Privacy (SP)San Francisco, CA, USA, 2020, pp. 1039-1055.10.1109/SP40000.2020.00013
     [Google Scholar]
  8. ShrivastavaG. KumarP. GuptaD. RodriguesJ.J.P.C. Privacy issues of android application permissions: A literature review.Trans. Emerg. Telecommun. Technol.20203112e377310.1002/ett.3773
     [Google Scholar]
  9. AltuwaijriH. GhouzaliS. Android data storage security: A review.J. King Saud Univ., Comp. Info. Sci.202032554355210.1016/j.jksuci.2018.07.004
     [Google Scholar]
  10. AlepisE. PatsakisC. Unravelling security issues of runtime permissions in android.J. Hardw. Syst. Secur.201931456310.1007/s41635‑018‑0053‑2
     [Google Scholar]
  11. MartínA. Lara-CabreraR. CamachoD. A new tool for static and dynamic Android malware analysis.Proceedings of the 13th International FLINS Conference (FLINS 2018)2018, pp. 509-516.10.1142/9789813273238_0066
     [Google Scholar]
  12. AshawaM.A. MorrisS. Analysis of android malware detection techniques: A systematic review.IJCSDF20198317718710.17781/P002605
     [Google Scholar]
  13. BakourK. ÜnverH.M. GhanemR. The android malware static analysis: Techniques, limitations, and open challenges.3rd International Conference on Computer Science and Engineering (UBMK)Sarajevo, Bosnia and Herzegovina, 2018, pp. 586-593.10.1109/UBMK.2018.8566573
     [Google Scholar]
  14. RanaM.S. SungA.H. Malware analysis on Android using supervised machine learning techniques.Int. J. Comput. Commun. Eng.20187417818810.17706/IJCCE.2018.7.4.178‑188
     [Google Scholar]
  15. LiuK. XuS. XuG. ZhangM. SunD. LiuH. A review of android malware detection approaches based on machine learning.IEEE Access2020812457912460710.1109/ACCESS.2020.3006143
     [Google Scholar]
  16. SarkarA. GoyalA. HicksD. SarkarD. HazraS. Android application development: A brief overview of android platforms and evolution of security systems.Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC)Palladam, India, 2019, pp. 73-79.10.1109/I‑SMAC47947.2019.9032440
     [Google Scholar]
  17. BhatP. DuttaK. A survey on various threats and current state of security in android platform.ACM Comput. Surv.202052113510.1145/3301285
     [Google Scholar]
  18. GargS. BaliyanN. Android security assessment: A review, taxonomy and research gap study.Comput. Secur.202110010208710.1016/j.cose.2020.102087
     [Google Scholar]
  19. Mazuera-RozoA. Bautista-MoraJ. Linares-VásquezM. RuedaS. BavotaG. The Android OS stack and its vulnerabilities: An empirical study.Empir. Softw. Eng.20192442056210110.1007/s10664‑019‑09689‑7
     [Google Scholar]
  20. ConklinW.A. IT vs. OT security: A time to consider a change in CIA to include resilienc.49th Hawaii International Conference on System Sciences (HICSS)Koloa, HI, USA, 2016, pp. 2642-2647.10.1109/HICSS.2016.331
     [Google Scholar]
  21. ZhouY. JiangX. Dissecting android malware: Characterization and evolution.EEE Symposium on Security and PrivacySan Francisco, CA, USA, 2012, pp. 95-109.10.1109/SP.2012.16
     [Google Scholar]
  22. LalandeJ.F. Viet Triem TongV. GrauxP. HietG. MazurczykW. ChaouiH. BerthoméP. Teaching android mobile security.SIGCSE '19: Proceedings of the 50th ACM Technical Symposium on Computer Science Education2019, pp. 232-23810.1145/3287324.3287406
     [Google Scholar]
  23. FangZ. HanW. LiY. Permission based Android security: Issues and countermeasures.Comput. Secur. J.20144320521810.1016/j.cose.2014.02.007
     [Google Scholar]
  24. AhmedO. SallowA. Android security: A review.Acad. J. Nawroz. U.20176313514010.25007/ajnu.v6n3a97
     [Google Scholar]
  25. BergerH. HajajC. DvirA. Evasion is not enough: A case study of android malware.Cyber Security Cryptography and Machine LearningSpringerCham DolevS. KolesnikovV. LodhaS. Weissand G. 202016717410.1007/978‑3‑030‑49785‑9_11
     [Google Scholar]
  26. ElsersyW.F. FeizollahA. AnuarN.B. The rise of obfuscated Android malware and impacts on detection methods.PeerJ Comput. Sci.20228e90710.7717/peerj‑cs.90735494876
     [Google Scholar]
  27. FarukiP. BhanR. JainV. BhatiaS. El MadhounN. PamulaR. A Survey and evaluation of android-based malware evasion techniques and detection frameworks.Information (Basel)202314737410.3390/info14070374
     [Google Scholar]
  28. BelloL. PistoiaM. ARES: Triggering payload of evasive Android malware.MOBILESoft '18: Proceedings of the 5th International Conference on Mobile Software Engineering and Systems27 May 2018, pp. 2-1210.1145/3197231.3197239
     [Google Scholar]
  29. GarbaF.A. KunyaK.I. IbrahimS.A. IsaA.B. MuhammadK.M. WaliN.N. Evaluating the state of the art antivirus evasion tools on windows and android platform.2nd International Conference of the IEEE Nigeria Computer Chapter (NigeriaComputConf)Zaria, Nigeria, 2019, pp. 1-4.10.1109/NigeriaComputConf45974.2019.8949637
     [Google Scholar]
  30. FritzC. ArztS. RasthoferS. BoddenE. BartelA. KleinJ. Le TraonY. OcteauD. McDanielP. Highly precise taint analysis for android applications.Techinical Note, University of Luxembourg2013
     [Google Scholar]
  31. HuangW. DongY. MilanovaA. DolbyJ. Scalable and precise taint analysis for Android.ISSTA 2015: Proceedings of the 2015 International Symposium on Software Testing and Analysis2015, pp. 106-11710.1145/2771783.2771803
     [Google Scholar]
  32. ZhangJ. WangY. QiuL. RubinJ. Analyzing android taint analysis tools: FlowDroid, Amandroid, and DroidSafe.IEEE Trans. Softw. Eng.202248104014404010.1109/TSE.2021.3109563
     [Google Scholar]
  33. InayoshiH. KakeiS. SaitoS. Plug and analyze: Usable dynamic taint tracker for android apps.IEEE 22nd International Working Conference on Source Code Analysis and Manipulation (SCAM)Limassol, Cyprus, 2022, pp. 24-34.10.1109/SCAM55253.2022.00008
     [Google Scholar]
  34. LiW. YangB. YeH. XiangL. TaoQ. WangX. ZhouC. MiniTracker: Large-scale sensitive information tracking in mini apps.IEEE Trans. Depend. Secure Comput.20232142099211410.1109/TDSC.2023.3299945
     [Google Scholar]
  35. LokhandeB. DhavaleS. Overview of information flow tracking techniques based on taint analysis for android.2014 International Conference on Computing for Sustainable Global Development (INDIACom)New Delhi, India, 2014, pp. 749-753.10.1109/IndiaCom.2014.6828062
     [Google Scholar]
  36. YouW. LiangB. LiJ. ShiW. ZhangX. Android implicit information flow demystified.ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security14 April 2015, pp. 585-590.10.1145/2714576.2714604
     [Google Scholar]
  37. BhatiaT. KaushalR. Malware detection in android based on dynamic analysis.International Conference on Cyber Security And Protection Of Digital Services (Cyber Security)London, UK, 2017, pp. 1-6.10.1109/CyberSecPODS.2017.8074847
     [Google Scholar]
  38. PattaniK. GautamS. SonicEvasion: A stealthy ultrasound based invasion using covert communication in smart phones and its security.Int. J. Inf. Technol.20211341589159910.1007/s41870‑021‑00614‑0
     [Google Scholar]
  39. ChenX. LiC. WangD. WenS. ZhangJ. NepalS. XiangY. RenK. Android HIV: A study of repackaging malware for evading machine-learning detection.IEEE Trans. Inf. Forensics Security202015987100110.1109/TIFS.2019.2932228
     [Google Scholar]
  40. KatoH. SasakiT. SasaseI. Android malware detection based on composition ratio of permission pairs.IEEE Access2021913000613001910.1109/ACCESS.2021.3113711
     [Google Scholar]
  41. ShahriarH. IslamM. ClincyV. Android malware detection using permission analysis.SoutheastConConcord, NC, USA, 2017, pp. 1-6.10.1109/SECON.2017.7925347
     [Google Scholar]
  42. RovelliP. VigfússonÝ. PMDS: Permission-based malware detection system.Information Systems SecuritySpringerCham201410338357
     [Google Scholar]
  43. AlminS.B. ChatterjeeM. A novel approach to detect android malware.Procedia Comput. Sci.20154540741710.1016/j.procs.2015.03.170
     [Google Scholar]
  44. CavallaroL. SaxenaP. SekarR. Anti-taint-analysis: Practical evasion techniques against information flow based malware defense.Technical note, Stony Brook University2007
     [Google Scholar]
  45. PattaniK. GautamS. A stealthy evasive information invasion using covert channel in mobile phones.2021 International Conference on Artificial Intelligence and Machine Vision (AIMV)Gandhinagar, India, 2021, pp. 1-5.10.1109/AIMV53313.2021.9670998
     [Google Scholar]
  46. AfianianA. NiksefatS. SadeghiyanB. BaptisteD. Malware dynamic analysis evasion techniques: A survey.ACM Comput. Surv.202052612810.1145/3365001
     [Google Scholar]
  47. QaderS.M. HassanB.A. AhmedH.O. HamarashidH.K. Aspect oriented programming: Trends and applications.UKH J. Sci. Eng.202261122010.25079/ukhjse.v6n1y2022.pp12‑20
     [Google Scholar]
  48. AkhtarN. ZubairN. KumarA. AhmadT. Aspect based sentiment oriented summarization of hotel reviews.Procedia Comput. Sci.201711556357110.1016/j.procs.2017.09.115
     [Google Scholar]
  49. DoH.H. PrasadP.W.C. MaagA. AlsadoonA. Deep learning for aspect-based sentiment analysis: A comparative review.Expert Syst. Appl.201911827229910.1016/j.eswa.2018.10.003
     [Google Scholar]
  50. JainM. GopalaniD. Testing application security with aspects.2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT)Chennai, India, 2016, pp. 3161-3165.10.1109/ICEEOT.2016.7755285
     [Google Scholar]
  51. MouhebD. DebbabiM. PourzandiM. WangL. NouhM. ZiaratiR. AlhadidiD. TalhiC. LimaV. Aspect-oriented security hardening of UML design models.Springer International PublishingSwitzerland201510.1007/978‑3‑319‑16106‑8
     [Google Scholar]
  52. LewarskiT. Poniszewska-MarandaA. VeselýP. MikolášikM. Aspect programming with the use of AspectJ.Stud. Syst. Decis. Control.202133048755410.1007/978‑3‑030‑62151‑3_13
     [Google Scholar]
  53. MouhebD. DebbabiM. PourzandiM. WangL. NouhM. ZiaratiR. AlhadidiD. TalhiC. LimaV. MouhebD. DebbabiM. Aspect-Oriented Security Hardening of UML Design ModelsSpringer International PublishingSwitzerland2015698410.1007/978‑3‑319‑16106‑8
     [Google Scholar]
  54. McheickH. GodmaireS. Designing and implementing different use cases of aspect-oriented programming with AspectJ for developing mobile applications.ICSENT 2018: Proceedings of the 7th International Conference on Software Engineering and New Technologies26 December 2018, pp. 1-1810.1145/3330089.3330108
     [Google Scholar]
  55. MohiteS. JoshiS. Analysis of non-functional requirements with aspects-J programming.24th Topical Conference On Radio-frequency Power In PlasmasMumbai, India, October 12 2023, pp. 25-26.10.1063/5.0175780
     [Google Scholar]
  56. TebibM.E. GraaM. AndreP. A survey on secure android apps development life-cycle: Vulnerabilities and tools.Int. J. Adv. Secur.2023161 & 25471
     [Google Scholar]
  57. GautamS. PattaniK. ZuhairM. RashidM. AhmadN. Covertvasion: Depicting threats through covert channels based novel evasive attacks in android.Int. J. Intell. Netw.2023433734810.1016/j.ijin.2023.11.006
     [Google Scholar]
  58. EnckW. GilbertP. HanS. TendulkarV. ChunB.G. CoxL.P. JungJ. McDanielP. ShethA.N. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones.ACM Trans. Comput. Syst.201432212910.1145/2619091
     [Google Scholar]
  59. ArztS. RasthoferS. FritzC. BoddenE. BartelA. KleinJ. Le TraonY. OcteauD. McDanielP. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps.SIGPLAN Not.201449625926910.1145/2666356.2594299
     [Google Scholar]
  60. GordonMI. KimD. PerkinsJH. GilhamL. NguyenN. RinardMC. Information-flow analysis of android applications in DroidSafe.2015Available from: https://www.ndss-symposium.org/ndss2015/ndss-2015-programme/information-flow-analysis-android-applications-droidsafe/ 10.14722/ndss.2015.23089
     [Google Scholar]
  61. QiuL. WangY. RubinJ. Analyzing the analyzers: FlowDroid/IccTA, AmanDroid, and DroidSafe.ISSTA 2018: Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis12 July 2018, pp. 176-186.
     [Google Scholar]
  62. BeresfordA. MockDroid: trading privacy for application functionality on smartphonesHotMobile ’11 Proceedings of 12th Workshop on Mobile Computing Systems and ApplicationsPhoenix, Arizona, 2011, pp. 49-5410.1145/2184489.2184500
     [Google Scholar]
  63. ClauseetJ. Dytan: A generic dynamic taint analysis framework.Proceedings of the International Symposium on Software Testing and AnalysisNew York, USA, 09 July 2007, pp. 196-206.10.1145/1273463.1273490
     [Google Scholar]
  64. YangetZ. AppIntent: Analyzing sensitive data transmission in android for privacy leakage detection.CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications securityBerlin, Germany, 04 November 2013, pp. 1043-1054.10.1145/2508859.2516676
     [Google Scholar]
  65. YangZ. YangM. LeakMiner: Detect information leakage on android with static taint analysis.hird World Congress on Software EngineeringWuhan, China, 2012, pp. 101-104.10.1109/WCSE.2012.26
     [Google Scholar]
  66. LiL. IccTA: Detecting inter-component privacy leaks in android apps.IEEE/ACM 37th IEEE International Conference on Software EngineeringFlorence, Italy, 2015, pp. 280-291.10.1109/ICSE.2015.48
     [Google Scholar]
  67. Ali-GombeA. AspectDroid: Android app analysis systemProceedings of the Sixth ACM Conference on Data and Application Security and PrivacyNew Orleans, Louisiana, USA, 2016, pp. 145-147.10.1145/2857705.2857739
     [Google Scholar]
  68. RomanS. Soundcomber: A stealthy and contextaware sound trojan for smartphones.Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS)San Diego, CA, 2011, pp. 17-33.
     [Google Scholar]
  69. KumarS. ShuklaS.K. The state of android security.Cyber Security in IndiaSpringerSingapore20201722
     [Google Scholar]
  70. ZhangP. MucciniH. PoliniA. LiX. Run-time systems failure prediction via proactive monitoring.26th IEEE/ACM International Conference on Automated Software Engineering (ASE 2011)Lawrence, KS, USA, 2011, pp. 484-487.10.1109/ASE.2011.6100105
     [Google Scholar]
  71. Alonso LópezJ. Torres ViñalsJ. Berral GarcíaJ.L. Gavaldà MestreR. J2EE instrumentation for software aging root cause application component determination with AspectJ.IEEE International Symposium on Parallel & Distributed Processing, Workshops and Phd Forum (IPDPSW)Atlanta, GA, USA, 2010, pp. 1-8.10.1109/IPDPSW.2010.5470857
     [Google Scholar]
  72. DufourB. GoardC. HendrenL. De MoorO. SittampalamG. VerbruggeC. Measuring the dynamic behaviour of AspectJ programs.Technical Note, McGill University200410.1145/1028976.1028990
     [Google Scholar]
  73. Abijah RoselineS. GeethaS. A comprehensive survey of tools and techniques mitigating computer and mobile malware attacks.Comput. Electr. Eng.20219210714310.1016/j.compeleceng.2021.107143
     [Google Scholar]
  74. ChenL. XiaC. LeiS. WangT. Detection, traceability, and propagation of mobile malware threats.IEEE Access20219145761459810.1109/ACCESS.2021.3049819
     [Google Scholar]
  75. DhalariaM. GandotraE. Android malware detection techniques: A literature review.Recent Pat. Eng.202115222524510.2174/1872212114999200710143847
     [Google Scholar]
  76. Mazuera-RozoA. Escobar-VelásquezC. Espitia-AceroJ. Vega-GuzmánD. TrubianiC. Linares-VásquezM. BavotaG. Taxonomy of security weaknesses in Java and Kotlin Android apps.J. Syst. Softw.202218711123310.1016/j.jss.2022.111233
     [Google Scholar]
  77. GórskiT. SmarTS: A Java package for smart contract test suite generation and execution.SoftwareX20242610169810.1016/j.softx.2024.101698
     [Google Scholar]
  78. ElyasafA. CardozoN. SturmA. A framework for analyzing context-oriented programming languages.J. Syst. Softw.202319811161410.1016/j.jss.2023.111614
     [Google Scholar]
/content/journals/rascs/10.2174/0126662558308040241009061506
Loading
Utilizing AspectJ for Defense against Evasive Malware Attacks in Android System
Recent Advances in Computer Science and Communications 18, E26662558308040 (2025); https://doi.org/10.2174/0126662558308040241009061506
/content/journals/rascs/10.2174/0126662558308040241009061506
/content/journals/rascs/10.2174/0126662558308040241009061506
Loading

Data & Media loading...


  • Article Type:     Research Article
Keyword(s): android system; aspect-oriented programming; AspectJ; evasion; malware protection; taint analysis

Most Cited Most Cited RSS feed

This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error
Please enter a valid_number test