Android malware detection and android security Literature review
A systematic literature review needs to be conducted on Android malware detection and android security. Research questions that need to be answered are:
a) How can current research on Android application security analysis be categorised,
b) What is the existing status of android malware detection and android security,
c) Critical analysis of existing android malware detection techniques (static, dynamic, hybrid, machine learning) and frameworks (such as Androguarad, DroidOLytics, MIGDroid, Dendroid etc etc) and their limitations. Please also note that I have provided the framework names as guide lines only so writer need to provide information on all available frameworks as part of literature review and excel sheets (separately).
d) Finally, a clear gap in research and challenges must be found for future research direction.
Minimum of 100+ papers must be referenced.
Scope of systematic review must be clearly defined.
Systematic literature review must clearly define the search terms used for conducting and planning the literature review. It must define the libraries which were searched for finding papers. Author must document the search i.e. Name of the database searched, search strategy for the database, Date of search, Years covered by the search etc etc.
Reasons for excluding papers found during search must be clearly explained.
Inclusion criteria for papers must be clearly defined.
All papers must be categorized using all dimensions within the research questions taxonomy, with the results being recorded within the research catalog/excel.
Systematic Literature review must include recent work as well, it must be up to date (till January 2018).
Harvard referencing style must be used throughout. All URL in referencing must have date accessed information.
UK academic English of high calibre must be used throughout.
Systematic Literature review must also clearly define and explain each of the following list of items, additionallyall of the following information must be provided in excel sheets with appropriate column names and sheet names.
1) List of Malware found so far
a) Name of malware
b) Family of malware
c) Year or date malware was found
d) How or who found the malware
e) Description of each malware
f) How malware works and how does it utilize weakness in Android
2) List of static analysis techniques used in literature to detect malware.
a) Names of static analysis techniques
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing technique
3) List of dynamic analysis techniques used in literature to detect malware.
a) Names of dynamic analysis techniques
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing technique
4) List of Machine learning analysis techniques used in literature to detect malware.
a) Names of machine learning techniques including all algorithms used
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing techniques
5) List of Hybrid techniques used in literature to detect malware
a) Names and description of each technique
b) Literature papers that are using/referring these techniques
c) Detection rate for each technique
d) List of frameworks which are using these techniques
e) Types of malware that each technique can and cannot detect
f) URL of papers referencing techniques
6) List of frameworks such as Androguarad, DroidOLytics, MIGDroid, Dendroid etc (just to name a few) used/referred in literature that have been developed or proposed.
a) Description of each framework.
b) Techniques that each framework uses
c) Detection rate for each framework
d) Total sample (also break down of Malware sample and Benign sample)
e) Year published/developed
f) URL of papers referencing technique
7) List of malware attacks/evasions used/referred in literature to evade detection. Examples: Evasion attacks, Gradient descent attack, tree ensemble attack, poisoning attacks: classifers, poisoning attacks clustering etc etc
a) Description of each evasions
b) How malware ‘game’ the existing algorithm to evade detection
c) Year published/developed
8) Evolution/trends of malware
