The Android Malware Handbook

Detection and Analysis by Human and Machine

Written by machine-learning researchers and members of the Android Security team, this all-star guide tackles the analysis and detection of malware that targets the Android operating system.

This groundbreaking guide to Android malware distills years of research by machine learning experts in academia and members of Meta and Google’s Android Security teams into a comprehensive introduction to detecting common threats facing the Android eco-system today.

Explore the history of Android malware in the wild since the operating system first launched and then practice static and dynamic approaches to analyzing real malware specimens. Next, examine machine learning techniques that can be used to detect malicious apps, the types of classification models that defenders can implement to achieve these detections, and the various malware features that can be used as input to these models. Adapt these machine learning strategies to the identifica-tion of malware categories like banking trojans, ransomware, and SMS fraud.

You’ll:

  • Dive deep into the source code of real malware
  • Explore the static, dynamic, and complex features you can extract from malware for analysis
  • Master the machine learning algorithms useful for malware detection
  • Survey the efficacy of machine learning techniques at detecting common Android malware categories

The Android Malware Handbook’s team of expert authors will guide you through the Android threat landscape and prepare you for the next wave of malware to come.
"A comprehensive introduction to Android malware and its analysis."
—Maik Morgenstern, CTO at AV-TEST

"An indispensable resource for both security professionals and enthusiasts, offering unparalleled insights into the intricacies of Android malware and empowering readers to effectively guard against this pervasive threat."
—Dimitrios Valsamaras, Senior Security Researcher at Microsoft (formerly worked on Android at Google)

"Comprehensive and exceptionally user friendly, The Android Malware Handbook should be considered essential reading for anyone with an interest in computer viruses, computer software testing, and computer hacking."
—Midwest Book Review
Qian Han, Research Scientist at Meta since 2021, received his PhD in Computer Science from Dartmouth College and his Bachelor’s in Electronic Engineering from Tsinghua University, Beijing, China.

Salvador Mandujano, Security Engineering Manager at Google, has led product security engineering, malware reverse engineering and payments security teams. Before Google, he held senior security research and architecture positions at Intel and Nvidia. He has a PhD in Artificial Intelligence from Tecnológico de Monterrey, an MSc in Computer Science from Purdue, an MBA from The University of Texas, and a BSc in Computer Engineering from Universidad Nacional Autónoma de México.

Sebastian Porst is manager of Google’s Android Application Security Research team, which tries to predict or research novel attacks on Android devices and Android users by malware or through app vulnerabilities. He has an MSc Masters from Trier University of Applied Sciences, Germany in 2007.

V.S. Subrahmanian is the Walter P. Murphy Professor of Computer Science and Buffet Faculty Fellow in the Buffet Institute of Global Affairs at Northwestern University. Prof. Subrahmanian is one of the world’s foremost experts at the intersection of AI and security issues. He has written eight books, edited ten, and published over 300 refereed articles.

Sai Deep Tetali, Principal Engineer and Tech Lead Manager at Meta, works on privacy solutions for augmented and virtual reality applications. He spent 5 years at Google developing machine learning techniques to detect Android malware and has a PhD from University of California Los Angeles.

Yanhai Xiong is currently an Assistant Professor in the Department of Computer Science and Engineering at the University of Louisville. She has a PhD from Nanyang Technological University focusing on applying AI techniques to improve the efficiency of electric vehicle infrastructure and a BS in Engineering from the University of Science and Technology of China.
Foreword
Introduction
Part 1: A Primer on Android Malware
Chapter 1: Introduction to Android Security
Chapter 2: Android Malware in the Wild
Part 2: Manual Analysis
Chapter 3: Static Analysis
Chapter 4: Dynamic Analysis
Part 3: Machine Learning Detection
Chapter 5: Machine Learning Fundamentals
Chapter 6: Machine Learning Features
Chapter 7: Rooting Malware
Chapter 8: Spyware
Chapter 9: Banking Trojans
Chapter 10: Ransomware
Chapter 11: SMS Fraud
Chapter 12: The Future of Android Malware
Index

About

Written by machine-learning researchers and members of the Android Security team, this all-star guide tackles the analysis and detection of malware that targets the Android operating system.

This groundbreaking guide to Android malware distills years of research by machine learning experts in academia and members of Meta and Google’s Android Security teams into a comprehensive introduction to detecting common threats facing the Android eco-system today.

Explore the history of Android malware in the wild since the operating system first launched and then practice static and dynamic approaches to analyzing real malware specimens. Next, examine machine learning techniques that can be used to detect malicious apps, the types of classification models that defenders can implement to achieve these detections, and the various malware features that can be used as input to these models. Adapt these machine learning strategies to the identifica-tion of malware categories like banking trojans, ransomware, and SMS fraud.

You’ll:

  • Dive deep into the source code of real malware
  • Explore the static, dynamic, and complex features you can extract from malware for analysis
  • Master the machine learning algorithms useful for malware detection
  • Survey the efficacy of machine learning techniques at detecting common Android malware categories

The Android Malware Handbook’s team of expert authors will guide you through the Android threat landscape and prepare you for the next wave of malware to come.

Reviews

"A comprehensive introduction to Android malware and its analysis."
—Maik Morgenstern, CTO at AV-TEST

"An indispensable resource for both security professionals and enthusiasts, offering unparalleled insights into the intricacies of Android malware and empowering readers to effectively guard against this pervasive threat."
—Dimitrios Valsamaras, Senior Security Researcher at Microsoft (formerly worked on Android at Google)

"Comprehensive and exceptionally user friendly, The Android Malware Handbook should be considered essential reading for anyone with an interest in computer viruses, computer software testing, and computer hacking."
—Midwest Book Review

Author

Qian Han, Research Scientist at Meta since 2021, received his PhD in Computer Science from Dartmouth College and his Bachelor’s in Electronic Engineering from Tsinghua University, Beijing, China.

Salvador Mandujano, Security Engineering Manager at Google, has led product security engineering, malware reverse engineering and payments security teams. Before Google, he held senior security research and architecture positions at Intel and Nvidia. He has a PhD in Artificial Intelligence from Tecnológico de Monterrey, an MSc in Computer Science from Purdue, an MBA from The University of Texas, and a BSc in Computer Engineering from Universidad Nacional Autónoma de México.

Sebastian Porst is manager of Google’s Android Application Security Research team, which tries to predict or research novel attacks on Android devices and Android users by malware or through app vulnerabilities. He has an MSc Masters from Trier University of Applied Sciences, Germany in 2007.

V.S. Subrahmanian is the Walter P. Murphy Professor of Computer Science and Buffet Faculty Fellow in the Buffet Institute of Global Affairs at Northwestern University. Prof. Subrahmanian is one of the world’s foremost experts at the intersection of AI and security issues. He has written eight books, edited ten, and published over 300 refereed articles.

Sai Deep Tetali, Principal Engineer and Tech Lead Manager at Meta, works on privacy solutions for augmented and virtual reality applications. He spent 5 years at Google developing machine learning techniques to detect Android malware and has a PhD from University of California Los Angeles.

Yanhai Xiong is currently an Assistant Professor in the Department of Computer Science and Engineering at the University of Louisville. She has a PhD from Nanyang Technological University focusing on applying AI techniques to improve the efficiency of electric vehicle infrastructure and a BS in Engineering from the University of Science and Technology of China.

Table of Contents

Foreword
Introduction
Part 1: A Primer on Android Malware
Chapter 1: Introduction to Android Security
Chapter 2: Android Malware in the Wild
Part 2: Manual Analysis
Chapter 3: Static Analysis
Chapter 4: Dynamic Analysis
Part 3: Machine Learning Detection
Chapter 5: Machine Learning Fundamentals
Chapter 6: Machine Learning Features
Chapter 7: Rooting Malware
Chapter 8: Spyware
Chapter 9: Banking Trojans
Chapter 10: Ransomware
Chapter 11: SMS Fraud
Chapter 12: The Future of Android Malware
Index