MUST READ

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

DARPA is developing a tool do detect Android Malware

Pierluigi Paganini April 09, 2015

A team or researchers sponsored by the US DARPA has developed a new innovative tool to improve the detection of Android malware.

The blue team of DARPA (Defense Advanced Research Projects Agency) backed up by Iowa State University researchers are developing a tool that will help with Android malware analysis.

The features used by the blue team include “smells” which uses stronger heuristics to understand if exits any trace of malware.  Benjamin Holland, Tom Deering, and Suresh Kothari are in charge of producing the platform to be presented at ICSE, next month.

android-malware

The idea of creating such platform appeared in last year’s conference where it was said:

“We have to go through (USAF Colonel) John Boyd’s OODA loop of observe, orient, decide and act several times throughout an audit — the key point is that the Security Toolbox helps us iterate through that loop faster which is what determines success,”

In their paper called “Security Toolbox for Detecting Novel and Sophisticated Android Malware” the experts provided the following description of the approach:

“Our novel human-in-loop approach to detect Android malware minimizes human effort by allowing the human to use the evidence produced by the machine to focus their effort on further machine-assisted reasoning. This affords greater opportunity to detect malware that is not on the radar of an automated analyzer; the what-if experimentation capability provided by the machine enables the user to posit attacker’s intentions, hypothesis about the attacker’s modus operandi and tailor queries to detect sophisticated malware. Thus, our approach increases automation, reduces human effort and error, and provides valuable machine assistance to detect novel and sophisticated malware.”

In their tests, the team accurately detected 66 Android malicious apps (created by DARPA’s red team), scoring an amazing 85.7% of detection, beating the top tools used in the market nowadays.

Another goal with the creation of this tool, was to reduce the human effort in malware detection. For me, especially this is great news, since I work in the field, and sometimes these tasks are time consuming and difficult to detect. This solution sure can provide an evolution and can be a time safer.

About the Author Elsio Pinto

Elsio Pinto is at the moment the Lead Mcafee Security Engineer at Swiss Re, but he also as knowledge in the areas of malware research, forensics, ethical hacking. He had previous experiences in major institutions being the European Parliament one of them. He is a security enthusiast and tries his best to pass his knowledge. He also owns his own blog http://high54security.blogspot.com/

Pierluigi Paganini

(Security Affairs –  DARPA, Android)

 

Android DARPA malicious apps malware mobile

you might also like

Pierluigi Paganini July 11, 2025
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
Read more
Pierluigi Paganini July 10, 2025
UK NCA arrested four people over M&S, Co-op cyberattacks
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

Uncategorized / July 11, 2025

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

Hacking / July 11, 2025

UK NCA arrested four people over M&S, Co-op cyberattacks

Cyber Crime / July 10, 2025

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

Hacking / July 10, 2025

Qantas data breach impacted 5.7 million individuals

Data Breach / July 10, 2025