Palo Alto Networks, Inc.
Static and dynamic security analysis of apps for mobile devices

Abstract:

Techniques for performing static and dynamic analysis on a mobile device application are disclosed. Static analysis is performed on a mobile device application using a static analysis engine. A set of static analysis results is generated. Dynamic analysis of the application is selectively customized based at least in part on a presence of a permission in the set of static analysis results. Dynamic analysis is performed using a dynamic analysis engine. A determination of whether the application is malicious is made based at least in part on the dynamic analysis.