An exploratory study on the evolution of Android malware quality. Issue 11 (9th August 2018)
- Record Type:
- Journal Article
- Title:
- An exploratory study on the evolution of Android malware quality. Issue 11 (9th August 2018)
- Main Title:
- An exploratory study on the evolution of Android malware quality
- Authors:
- Mercaldo, Francesco
Di Sorbo, Andrea
Visaggio, Corrado Aaron
Cimitile, Aniello
Martinelli, Fabio - Editors:
- Gerardo, Canfora
- Abstract:
- Abstract: In the context of software engineering, product software quality measures how well a software artifact is designed and coded. Software products must satisfy nonfunctional properties (eg, reliability, usability, understandability, and maintainability), in order to make maintenance and evolution sustainable in the long period. Software evolution is an issue of interest for the malware writers, too, for 2 reasons. First, to evade detection with the minimum effort, malware writers use to produce "variants, " which are obtained by applying little changes to existing malware. Morevoer, recent studies demonstrated that malware is increasingly improving evasion strategies and infection mechanisms and is using more and more complex payloads. This suggests that malware writers are devoting relevant efforts and skills for producing high‐quality software. For this reason, we wonder whether malware writers are devoting effort to improve the structural quality of their code, too, as it happens in the development of goodware. To investigate this question, we (1) characterize a dataset containing about 20 000 Android applications, divided into goodware and malware ones, relying on the Android API version they require, and (2) compute software quality metrics, divided into 4 categories (ie, dimensional, complexity, object‐oriented, and Android‐oriented metrics) for apps belonging to each population. We then identify evolution trends of these metrics in malware and goodware. TheAbstract: In the context of software engineering, product software quality measures how well a software artifact is designed and coded. Software products must satisfy nonfunctional properties (eg, reliability, usability, understandability, and maintainability), in order to make maintenance and evolution sustainable in the long period. Software evolution is an issue of interest for the malware writers, too, for 2 reasons. First, to evade detection with the minimum effort, malware writers use to produce "variants, " which are obtained by applying little changes to existing malware. Morevoer, recent studies demonstrated that malware is increasingly improving evasion strategies and infection mechanisms and is using more and more complex payloads. This suggests that malware writers are devoting relevant efforts and skills for producing high‐quality software. For this reason, we wonder whether malware writers are devoting effort to improve the structural quality of their code, too, as it happens in the development of goodware. To investigate this question, we (1) characterize a dataset containing about 20 000 Android applications, divided into goodware and malware ones, relying on the Android API version they require, and (2) compute software quality metrics, divided into 4 categories (ie, dimensional, complexity, object‐oriented, and Android‐oriented metrics) for apps belonging to each population. We then identify evolution trends of these metrics in malware and goodware. The results of our study demonstrate that goodware and malicious applications exhibit similar evolution trends for some of the quality indicators, suggesting that malware writers care about the overall quality of their code. Code quality could be considered an indirect measure of how many and how fast variants of existing malware will be released in the wild. … (more)
- Is Part Of:
- Journal of software. Volume 30:Issue 11(2018)
- Journal:
- Journal of software
- Issue:
- Volume 30:Issue 11(2018)
- Issue Display:
- Volume 30, Issue 11 (2018)
- Year:
- 2018
- Volume:
- 30
- Issue:
- 11
- Issue Sort Value:
- 2018-0030-0011-0000
- Page Start:
- n/a
- Page End:
- n/a
- Publication Date:
- 2018-08-09
- Subjects:
- malware -- mobile applications -- software quality
Software engineering -- Periodicals
Computer software -- Development -- Periodicals
Software maintenance -- Periodicals
005.1 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)2047-7481 ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1002/smr.1978 ↗
- Languages:
- English
- ISSNs:
- 2047-7473
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8507.xml