[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-42873-en":3,"doc-seo-42873-105":30,"detail-sidebar-cat-0-en-105":91},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"doc_content":15,"file_id":16,"file_url":17,"file_type":18,"file_size":19,"view_count":20,"is_deleted":4,"is_public":21,"is_downloadable":21,"audit_status":21,"page_count":22,"language":23,"language_code":24,"site_id":25,"html_lang":24,"table_of_contents":26,"faqs":27,"seo_title":13,"seo_description":14,"update_tm":28,"read_time":29},42873,549758146520,"Patrick","https://ap-avatar.wpscdn.com/avatar/80002397d8c0411e94?_k=1775819394049821470",6,"Technology","AVPASS Automatically Bypassing Android Malware Detection System","AVPASS presents an approach to automatically bypass Android anti-virus (AV) detection by transforming malicious APKs. The method infers AV features and rules, then obfuscates the Android binary while maintaining malicious functionality. The solution emphasizes preventing code leakage to avoid giving the AV engine observable adversary traces. It addresses the prevalence of Android malware and the weakness of existing AV systems when facing emerging and unknown detections.","AVPASS: Automatically Bypassing Android Malware Detection System  \nJinho Jung, Chanil Jeon, Max Wolotsky, Insu Yun, and Taesoo Kim Georgia Institute of Technology, July 27, 2017  \nAbout Us  \n􀁺 SSLab (@GT)  \n✓ Focusing on system and security research  \n✓  [https://sslab.gtisc.gatech.edu/](https://sslab.gtisc.gatech.edu/)  \n􀁺 ISTC-ARSA  \n✓ Intel Science & Technology Center for Adversary-Resilient Security Analytics  \n✓ Strengthening the analytics behind malware detection  \n✓  [http://www.iisp.gatech.edu/intel-arsa-center-georgia-tech/](http://www.iisp.gatech.edu/intel-arsa-center-georgia-tech/)  \nIn This Talk, We Will Introduce AVPASS  \n􀁺 Transform any Android malware to bypassAVs  \n✓ By inferring AV features and rules  \n✓ By obfuscating Android binary (APK)  \n✓ Yet supports preventing code leakage  \nTrend: Android Dominates Mobile OS Market  \nAndroid still leads mobile market  \nRegained share over iOS to achieve an 86 percent …  \n[http://www.businessinsider.com/smartphone-market-share-android-ios-windows-blackberry-2016-8](http://www.businessinsider.com/smartphone-market-share-android-ios-windows-blackberry-2016-8)  \n[http://www.gartner.com/newsroom/id/3415117](http://www.gartner.com/newsroom/id/3415117)  \nProblem: Android Malware Becomes More Prevalent  \n8,400 new Android malware everyday  \nSecurity experts expect around  \n3.5 million new Android malware apps for 2017  \n[https://www.gdatasoftware.com/blog/2017/04/29712-8-400-new-android-malware-samples-every-day](https://www.gdatasoftware.com/blog/2017/04/29712-8-400-new-android-malware-samples-every-day)  \nOne solution: Protecting Mobile Devices with Anti-Virus  \nThere are over 50 Android anti-virus software in market  \n[https://www.av-test.org/en/antivirus/mobile-devices/](https://www.av-test.org/en/antivirus/mobile-devices/)  \nUnfortunately, AV Solutions Known to be Weak  \n(example: JAVA malware)  \n* Developing Managed Code Rootkits for the Java Runtime Environment, Benjamin Holland, DEFCON 24 7  \nWhat About Android Malware?  \n\n| \u003Cbr>Malware |  | Malware!\u003Cbr>\u003Cbr> |\n| --- | --- | --- |\n\nWhat About Android Malware? How easy it to bypass AV software?  \n\n| \u003Cbr>Malware |  |  |  |  |\n| --- | --- | --- | --- | --- |\n|  |  |  | \u003Cbr>\u003Cbr>Benign App |  |\n|  |  |  |  |  |\n\nChallenges: Bypassing Unknown AV Solutions  \n\n| ① Transforming without destroying\u003Cbr>malicious features\u003Cbr>\u003Cbr>\u003Cbr>② No pre-knowledge of AV features\u003Cbr>③ Interact without leaking own malicious features |  |\n| --- | --- |","cbCaifhJ26RsYsD0","https://ap.wps.com/l/cbCaifhJ26RsYsD0","pdf",5346323,3,1,72,"English","en",105,"# AVPASS and its goal\n## Transforming Android malware to bypass AVs\n## Inferring AV features and rules\n## Obfuscating Android APKs\n## Preventing code leakage\n# Motivation and problem\n## Android market dominance\n## Growth of Android malware\n## Limitations of existing AV solutions\n# Technical challenges","[{\"question\":\"What is AVPASS designed to do for Android malware?\",\"answer\":\"AVPASS automatically transforms Android malware to bypass anti-virus (AV) detection systems by inferring AV features and rules and obfuscating the APK.\"},{\"question\":\"How does AVPASS generate a bypass without breaking malicious behavior?\",\"answer\":\"It focuses on transforming malware without destroying malicious features, so the malware remains effective while detection is avoided.\"},{\"question\":\"What are the main challenges AVPASS targets?\",\"answer\":\"It addresses bypassing unknown AV solutions, including transforming safely, operating without pre-knowledge of AV features, and interacting without leaking the adversary’s malicious features.\"}]",1783372261,181,{"code":4,"msg":31,"data":32},"ok",{"site_id":25,"language":24,"slug":33,"title":13,"keywords":34,"description":14,"schema_data":35,"social_meta":86,"head_meta":88,"extra_data":90,"updated_unix":28},"avpass-automatically-bypassing-android-malware-detection-system","",{"@graph":36,"@context":85},[37,53,68],{"@type":38,"itemListElement":39},"BreadcrumbList",[40,44,48,50],{"item":41,"name":42,"@type":43,"position":21},"https://docshare.wps.com","Home","ListItem",{"item":45,"name":46,"@type":43,"position":47},"https://docshare.wps.com/document/","Document",2,{"item":49,"name":12,"@type":43,"position":20},"https://docshare.wps.com/document/technology/",{"item":51,"name":13,"@type":43,"position":52},"https://docshare.wps.com/document/avpass-automatically-bypassing-android-malware-detection-system/42873/",4,{"url":51,"name":13,"@type":54,"author":55,"headline":13,"publisher":57,"fileFormat":60,"inLanguage":24,"description":14,"dateModified":61,"datePublished":62,"encodingFormat":60,"isAccessibleForFree":63,"interactionStatistic":64},"DigitalDocument",{"name":9,"@type":56},"Person",{"url":41,"name":58,"@type":59},"DocShare","Organization","application/pdf","2026-07-12","2026-07-06",true,{"@type":65,"interactionType":66,"userInteractionCount":20},"InteractionCounter",{"@type":67},"ViewAction",{"@type":69,"mainEntity":70},"FAQPage",[71,77,81],{"name":72,"@type":73,"acceptedAnswer":74},"What is AVPASS designed to do for Android malware?","Question",{"text":75,"@type":76},"AVPASS automatically transforms Android malware to bypass anti-virus (AV) detection systems by inferring AV features and rules and obfuscating the APK.","Answer",{"name":78,"@type":73,"acceptedAnswer":79},"How does AVPASS generate a bypass without breaking malicious behavior?",{"text":80,"@type":76},"It focuses on transforming malware without destroying malicious features, so the malware remains effective while detection is avoided.",{"name":82,"@type":73,"acceptedAnswer":83},"What are the main challenges AVPASS targets?",{"text":84,"@type":76},"It addresses bypassing unknown AV solutions, including transforming safely, operating without pre-knowledge of AV features, and interacting without leaking the adversary’s malicious features.","https://schema.org",{"og:url":51,"og:type":87,"og:title":13,"og:site_name":58,"og:description":14},"article",{"robots":89,"canonical":51},"index,follow",{"doc_id":7,"site_id":25},{"code":4,"msg":5,"data":92},[93,97,101,105,110,113,118,123,128,131,135],{"id":21,"doc_module":4,"doc_module_name":46,"category_name":94,"show_sort_weight":95,"slug":96},"Story & Novel",90,"story-novel",{"id":47,"doc_module":4,"doc_module_name":46,"category_name":98,"show_sort_weight":99,"slug":100},"Literature",80,"literature",{"id":52,"doc_module":4,"doc_module_name":46,"category_name":102,"show_sort_weight":103,"slug":104},"Exam",70,"exam",{"id":106,"doc_module":4,"doc_module_name":46,"category_name":107,"show_sort_weight":108,"slug":109},5,"Comic",60,"comic",{"id":11,"doc_module":4,"doc_module_name":46,"category_name":12,"show_sort_weight":111,"slug":112},50,"technology",{"id":114,"doc_module":4,"doc_module_name":46,"category_name":115,"show_sort_weight":116,"slug":117},7,"Healthcare",40,"healthcare",{"id":119,"doc_module":4,"doc_module_name":46,"category_name":120,"show_sort_weight":121,"slug":122},8,"Research & Report",30,"research-report",{"id":124,"doc_module":4,"doc_module_name":46,"category_name":125,"show_sort_weight":126,"slug":127},9,"Religion & Spirituality",20,"religion-spirituality",{"id":126,"doc_module":4,"doc_module_name":46,"category_name":129,"show_sort_weight":126,"slug":130},"World Cup","world-cup",{"id":132,"doc_module":4,"doc_module_name":46,"category_name":133,"show_sort_weight":132,"slug":134},10,"Lifestyle","lifestyle",{"id":136,"doc_module":4,"doc_module_name":46,"category_name":137,"show_sort_weight":106,"slug":138},19,"General","general"]