Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications presented at NDSS 2014

by Christopher Kruegel, Giovanni Vigna, Sebastian Poeplau, Yanick Fratantonio, Antonio Bianchi,

Summary : Android allows applications to load additional code from external sources at runtime. We demonstrate that this introduces vulnerabilities in a considerable number of benign applications, while it allows malware to evade offline analysis systems, such as the Google Bouncer. Finally, we propose a modification to Android to counter this threat.