Literature review

A systematic literature review needs to be conducted on Android malware detection and Android security. Research questions that need to be answered are:
a) How can current research on Android application security analysis be categorised?
b) What is the existing status of Android malware detection and Android security?
c) Critical analysis of existing Android malware detection techniques (static, dynamic, hybrid, machine learning) and frameworks (such as Androguard, DroidOLytics, MIGDroid, Dendroid, etc.) and their limitations.
d) Finally, a clear gap in research and challenges must be found for future research direction.
Minimum of 100+ papers must be referenced.
Scope of systematic review must be clearly defined.
The systematic literature review must clearly define the search terms used for conducting and planning the literature review. It must define the libraries which were searched for finding papers. The author must document the search, i.e. name of the database searched, search strategy for the database, date of search, years covered by the search, etc.
Reasons for excluding papers found during search must be clearly explained.
Inclusion criteria for papers must be clearly defined.
All papers must be categorized using all dimensions within the research questions taxonomy, with the results being recorded within the research catalog/Excel.
The systematic literature review must include recent work as well; it must be up to date (till January 2018).
Harvard referencing style must be used throughout.
The systematic literature review must also clearly define and explain each of the following list of items; additionally, all of the following information must be provided in Excel sheets with appropriate column names and sheet names.
1) List of Malware found so far
a) Name of malware
b) Family of malware
c) Year or date malware was found
d) How or who found the malware
e) Description of each malware
f) How malware works and how does it utilize weakness in Android
2) List of static analysis techniques used in literature to detect malware.
a) Names of static analysis techniques
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing technique
3) List of dynamic analysis techniques used in literature to detect malware.
a) Names of dynamic analysis techniques
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing technique
4) List of Machine learning analysis techniques used in literature to detect malware.
a) Names of machine learning techniques including all algorithms used
b) Description of each technique
c) Literature papers that are using/referring these techniques
d) Detection rate for each technique
e) List of frameworks which are using these techniques
f) Types of malware that each technique can and cannot detect
g) URL of papers referencing techniques
5) List of Hybrid techniques used in literature to detect malware
a) Names and description of each technique
b) Literature papers that are using/referring these techniques
c) Detection rate for each technique
d) List of frameworks which are using these techniques
e) Types of malware that each technique can and cannot detect
f) URL of papers referencing techniques
6) List of frameworks such as Androguard, DroidOLytics, MIGDroid, Dendroid, etc. (just to name a few) used/referred in literature that have been developed or proposed.
a) Description of each framework.
b) Techniques that each framework uses
c) Detection rate for each framework
d) Total sample (also breakdown of malware sample and benign sample)
e) Year published/developed
f) URL of papers referencing technique
7) List of malware attacks/evasions used/referred in literature to evade detection. Examples: evasion attacks, gradient descent attack, tree ensemble attack, poisoning attacks: classifiers, poisoning attacks: clustering, etc.
a) Description of each evasion
b) How malware 'games' the existing algorithm to evade detection
c) Year published/developed
8) Evolution/trends of malware