US 9,811,665 B1
Static and dynamic security analysis of apps for mobile devices
Zhi Xu, San Jose, CA (US); Xinran Wang, San Ramon, CA (US); and Huagang Xie, Pleasanton, CA (US)
Assigned to Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed by Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed on Jul. 30, 2013, as Appl. No. 13/954,815.
Int. Cl. G06F 21/56 (2013.01)
CPC G06F 21/566 (2013.01) 20 Claims
OG exemplary drawing
 
14. A method, comprising:
performing static analysis on a mobile device application using a static analysis engine to generate a static analysis report associated with the application;
performing dynamic analysis of the application using a dynamic analysis engine, wherein the dynamic analysis is customized based on results of the static analysis, wherein performing dynamic analysis includes emulating a mobile device, wherein performing dynamic analysis includes simulating an event external to the mobile device, and wherein performing dynamic analysis includes: (1) performing a first stage of dynamic analysis, (2) initiating a reboot event, and (3) performing a second stage of dynamic analysis after the reboot event occurs; and
determining whether the application is malicious based at least in part on the dynamic analysis.