A survey of android application and malware hardening

In the age of increasing mobile and smart connectivity, malware poses an ever evolving threat to individuals, societies and nations. Anti-malware companies are often the first and only line of defense for mobile users. Driven by economic benefits, quantity and complexity of Android malware are increasing, thus making them difficult to detect. Malware authors employ multiple techniques (e.g. code obfuscation, packaging and encryption) to evade static analysis (signature based) and dynamic analysis (behavior based) detection methods. In this article, we present an overview of Android and its state of the art security services. We then present an exhaustive and analytic taxonomy of Android malware hardening techniques available in the literature. Furthermore, we review and analyze the code obfuscation and preventive techniques used by malware to evade detection. Hardening mechanisms are also popular amongst application developers to fortify against reverse engineering. Based on our in-depth survey, we highlight the issues related to them and manifest future directions. We believe the need to examine the effectiveness and efficiency of hardening techniques and their combination. (C) 2021 Elsevier Inc. All rights reserved.