
Journal articles on the topic 'Mobile malware detection'

Consult the top 50 journal articles for your research on the topic 'Mobile malware detection.'


1

Yildiz, Oktay, and Ibrahim Alper Doğru. "Permission-based Android Malware Detection System Using Feature Selection with Genetic Algorithm." International Journal of Software Engineering and Knowledge Engineering 29, no. 02 (February 2019): 245–62. http://dx.doi.org/10.1142/s0218194019500116.

Abstract:
As the use of smartphones increases, Android, as a Linux-based open source mobile operating system (OS), has become the most popular mobile OS in time. Due to the widespread use of Android, malware developers mostly target Android devices and users. Malware detection systems to be developed for Android devices are important for this reason. Machine learning methods are being increasingly used for detection and analysis of Android malware. This study presents a method for detecting Android malware using feature selection with genetic algorithm (GA). Three different classifier methods with different feature subsets that were selected using GA were implemented for detecting and analyzing Android malware comparatively. A combination of Support Vector Machines and a GA yielded the best accuracy result of 98.45% with the 16 selected permissions using the dataset of 1740 samples consisting of 1119 malwares and 621 benign samples.
2

Swetha, K., and K. V.D.Kiran. "Survey on Mobile Malware Analysis and Detection." International Journal of Engineering & Technology 7, no. 2.32 (May 31, 2018): 279. http://dx.doi.org/10.14419/ijet.v7i2.32.15584.

Abstract:
The amazing advances of mobile phones enable their wide utilize. Since mobiles are joined with pariah applications, bundles of security and insurance issues are incited. But, current mobile malware analysis and detection advances are as yet flawed, incapable, and incomprehensive. On account of particular qualities of mobiles such as constrained assets, user action and neighborhood correspondence ability, consistent system network, versatile malware detection faces new difficulties, particularly on remarkable runtime malware area. This paper provides overview on malware classification, methodologies of assessment, analysis and on and off device detection methods on android. The work mainly focuses on different classification algorithms which are used as a part of dynamic malware detection on android.
3

Jang, Jae-wook, and Huy Kang Kim. "Function-Oriented Mobile Malware Analysis as First Aid." Mobile Information Systems 2016 (2016): 1–11. http://dx.doi.org/10.1155/2016/6707524.

Abstract:
Recently, highly well-crafted mobile malware has arisen as mobile devices manage highly valuable and sensitive information. Currently, it is impossible to detect and prevent all malware because the amount of new malware continues to increase exponentially; malware detection methods need to improve in order to respond quickly and effectively to malware. For the quick response, revealing the main purpose or functions of captured malware is important; however, only few recent works have attempted to find malware’s main purpose. Our approach is designed to help with efficient and effective incident responses or countermeasure development by analyzing the main functions of malicious behavior. In this paper, we propose a novel method for function-oriented malware analysis approach based on analysis of suspicious API call patterns. Instead of extracting API call patterns for malware in each family, we focus on extracting such patterns for certain malicious functionalities. Our proposed method dumps memory sections where an application is allocated and extracts suspicious API sequences from bytecode by comparing with predefined suspicious API lists. By matching API call patterns with our functionality database, our method determines whether they are malicious. The experiment results demonstrate that our method performs well in detecting malware with high accuracy.
4

M., Duraipandian, and Vinothkanna R. "MACHINE LEARNING BASED AUTOMATIC PERMISSION GRANTING AND MALWARE IDENTIFICATION." December 2019 01, no. 02 (December 23, 2019): 96–107. http://dx.doi.org/10.36548/jitdw.2019.2.005.

Abstract:
Mobile devices have gained an imperative predominance in the daily routine of our lives, by keeping us connected to the real world seamlessly. Most of the mobile devices are built on Android, whose security mechanism is totally permission based, controlling the applications from accessing the core details of the devices and the users. Even after understanding the permission system, often the mobile users are ignorant about the common threat, due to the applications' popularity, and proceed with the installation process not aware of the targets of the application developer. The aim of the paper is to devise malware detection with the automatic permission granting employing the machine learning techniques. The different machine learning methods are engaged in the malware detection and analyzed. The results are observed to note down the approaches that aid better in enhancing the user awareness and reducing the malware threats, by detecting the malwares of the applications.
5

Bibi, Iram, Adnan Akhunzada, Jahanzaib Malik, Muhammad Khurram Khan, and Muhammad Dawood. "Secure Distributed Mobile Volunteer Computing with Android." ACM Transactions on Internet Technology 22, no. 1 (February 28, 2022): 1–21. http://dx.doi.org/10.1145/3428151.

Abstract:
Volunteer Computing provision of seamless connectivity that enables convenient and rapid deployment of greener and cheaper computing infrastructure is extremely promising to complement next-generation distributed computing systems. Undoubtedly, without tactile Internet and secure VC ecosystems, harnessing its full potentials and making it an alternative viable and reliable computing infrastructure is next to impossible. Android-enabled smart devices, applications, and services are inevitable for Volunteer computing. Contrarily, the progressive developments of sophisticated Android malware may reduce its exponential growth. Besides, Android malwares are considered the most potential and persistent cyber threat to mobile VC systems. To secure Android-based mobile volunteer computing, the authors proposed MulDroid, an efficient and self-learning autonomous hybrid (Long-Short-Term Memory, Convolutional Neural Network, Deep Neural Network) multi-vector Android malware threat detection framework. The proposed mechanism is highly scalable with well-coordinated infrastructure and self-optimizing capabilities to proficiently tackle fast-growing dynamic variants of sophisticated malware threats and attacks with 99.01% detection accuracy. For a comprehensive evaluation, the authors employed current state-of-the-art malware datasets (Android Malware Dataset, Androzoo) with standard performance evaluation metrics. Moreover, MulDroid is compared with our constructed contemporary hybrid DL-driven architectures and benchmark algorithms. Our proposed mechanism outperforms in terms of detection accuracy with a trivial tradeoff speed efficiency. Additionally, a 10-fold cross-validation is performed to explicitly show unbiased results.
6

Du, Yao, Mengtian Cui, and Xiaochun Cheng. "A Mobile Malware Detection Method Based on Malicious Subgraphs Mining." Security and Communication Networks 2021 (April 17, 2021): 1–11. http://dx.doi.org/10.1155/2021/5593178.

Abstract:
As mobile phone is widely used in social network communication, it attracts numerous malicious attacks, which seriously threaten users’ personal privacy and data security. To improve the resilience to attack technologies, structural information analysis has been widely applied in mobile malware detection. However, the rapid improvement of mobile applications has brought an impressive growth of their internal structure in scale and attack technologies. It makes the timely analysis of structural information and malicious feature generation a heavy burden. In this paper, we propose a new Android malware identification approach based on malicious subgraph mining to improve the detection performance of large-scale graph structure analysis. Firstly, function call graphs (FCGs), sensitive permissions, and application programming interfaces (APIs) are generated from the decompiled files of malware. Secondly, two kinds of malicious subgraphs are generated from malware’s decompiled files and put into the feature set. At last, test applications’ safety can be automatically identified and classified into malware families by matching their FCGs with malicious structural features. To evaluate our approach, a dataset of 11,520 malware and benign applications is established. Experimental results indicate that our approach has better performance than three previous works and Androguard.
7

He, Gaofeng, Bingfeng Xu, Lu Zhang, and Haiting Zhu. "On-Device Detection of Repackaged Android Malware via Traffic Clustering." Security and Communication Networks 2020 (May 31, 2020): 1–19. http://dx.doi.org/10.1155/2020/8630748.

Abstract:
Malware has become a significant problem on the Android platform. To defend against Android malware, researchers have proposed several on-device detection methods. Typically, these on-device detection methods are composed of two steps: (i) extracting the apps’ behavior features from the mobile devices and (ii) sending the extracted features to remote servers (such as a cloud platform) for analysis. By monitoring the behaviors of the apps that are running on mobile devices, available methods can detect suspicious applications (simply, apps) accurately. However, mobile devices are typically resource limited. The feature extraction and massive data transmission might consume substantial power and CPU resources; thus, the performance of mobile devices will be degraded. To address this issue, we propose a novel method for detecting Android malware by clustering apps’ traffic at the edge computing nodes. First, a new integrated architecture of the cloud, edge, and mobile devices for Android malware detection is presented. Then, for repackaged Android malware, the network traffic content and statistics are extracted at the edge as detection features. Finally, in the cloud, similarities between apps are calculated, and the similarity values are automatically clustered to separate the original apps and the malware. The experimental results demonstrate that the proposed method can detect repackaged Android malware with high precision and with a minimal impact on the performance of mobile devices.
8

Mazaed Alotaibi, Fahad, and Fawad. "A Multifaceted Deep Generative Adversarial Networks Model for Mobile Malware Detection." Applied Sciences 12, no. 19 (September 20, 2022): 9403. http://dx.doi.org/10.3390/app12199403.

Abstract:
Malware’s structural transformation to withstand the detection frameworks encourages hackers to steal the public’s confidential content. Researchers are developing a protective shield against the intrusion of malicious malware in mobile devices. The deep learning-based android malware detection frameworks have ensured public safety; however, their dependency on diverse training samples has constrained their utilization. The handcrafted malware detection mechanisms have achieved remarkable performance, but their computational overheads are a major hurdle in their utilization. In this work, Multifaceted Deep Generative Adversarial Networks Model (MDGAN) has been developed to detect malware in mobile devices. The hybrid GoogleNet and LSTM features of the grayscale and API sequence have been processed in a pixel-by-pixel pattern through conditional GAN for the robust representation of APK files. The generator produces syntactic malicious features for differentiation in the discriminator network. Experimental validation on the combined AndroZoo and Drebin database has shown 96.2% classification accuracy and a 94.7% F-score, which remain superior to the recently reported frameworks.
9

Rahul Y. Pawar, Mr, and Dr C.Mahesh. "A Survey on Malware Detection Techniques on Linux Powered Smart Phones using Machine Learning Approaches." International Journal of Engineering & Technology 7, no. 3.34 (September 1, 2018): 8. http://dx.doi.org/10.14419/ijet.v7i3.34.18706.

Abstract:
Mobile Phone manufacturers are continuously working to take move on with rapid pace on their new models and to match with the need of customer, they need to customize their system. However the security scenarios of such practice are not that known, due to this various malware and viruses are increasing day by day and causing harm to the devices. Due to the substantial damage caused by malware in last few years certain significant efforts on developing detection and defense mechanism against malwares. For detecting such malicious applications and malwares a security system should be developed which will target such anomaly or outliers in system. In data mining anomaly detection system plays a major role by monitoring the behavior of an application and categorizing them in to normal and abnormal to detect malwares present in the system.
10

Guo, Dai Fei, Jian Jun Hu, Ai Fen Sui, Guan Zhou Lin, and Tao Guo. "The Abnormal Mobile Malware Analysis Based on Behavior Categorization." Advanced Materials Research 765-767 (September 2013): 994–97. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.994.

Abstract:
With the explosive growth of mobile malware in mobile internet, many polymorphic and metamorphic mobile malware appears and causes difficulty of detection. A mobile malware network behavior data mining method based on behavior categorization is proposed to detect the behavior of new or metamorphic mobile malware. The network behavior is divided into different categories after analyzing the behavior character of mobile malware and those different behavior data of known malware and normal action are used to train the Naïve Bayesian classifier respectively. Those Naïve Bayesian classifiers are used to detect the mobile malware network behavior. The experiment result shows that Behavior Categorization based Naïve Bayesian Classifier (BCNBC) can improve the detection accuracy and it can meet the requirement of real time process in mobile internet.
11

Aboshady, Doaa, Naglaa Ghannam, Eman Elsayed, and Lamiaa Diab. "The Malware Detection Approach in the Design of Mobile Applications." Symmetry 14, no. 5 (April 19, 2022): 839. http://dx.doi.org/10.3390/sym14050839.

Abstract:
Background: security has become a major concern for smartphone users in line with the increasing use of mobile applications, which can be downloaded from unofficial sources. These applications make users vulnerable to penetration and viruses. Malicious software (malware) is unwanted software that is frequently used by cybercriminals to launch cyber-attacks. Therefore, the motive of the research was to detect malware early before infection by discovering it at the application-design level and not at the code level, where the virus will have already damaged the system. Methods: in this article, we proposed a malware detection method at the design level based on reverse engineering, the unified modeling language (UML) environment, and the web ontology language (OWL). The proposed method detected “Data_Send_Trojan” malware by designing a UML model that simulated the structure of the malware. Then, by generating the ontology of the model, and using RDF query language (SPARQL) to create certain queries, the malware was correctly detected. In addition, we proposed a new classification of malware that was suitable for design detection. Results: the proposed method detected Trojan malware that appeared 552 times in a sample of 600 infected android application packages (APK). The experimental results showed a good performance in detecting malware at the design level with precision and recall of 92% and 91%, respectively. As the dataset increased, the accuracy of detection increased significantly, which made this methodology promising.
12

Egitmen, Alper, Irfan Bulut, R. Can Aygun, A. Bilge Gunduz, Omer Seyrekbasan, and A. Gokhan Yavuz. "Combat Mobile Evasive Malware via Skip-Gram-Based Malware Detection." Security and Communication Networks 2020 (April 20, 2020): 1–10. http://dx.doi.org/10.1155/2020/6726147.

Abstract:
Android malware detection is an important research topic in the security area. There are a variety of existing malware detection models based on static and dynamic malware analysis. However, most of these models are not very successful when it comes to evasive malware detection. In this study, we aimed to create a malware detection model based on a natural language model called skip-gram to detect evasive malware with the highest accuracy rate possible. In order to train and test our proposed model, we used an up-to-date malware dataset called Argus Android Malware Dataset (AMD) since the AMD contains various evasive malware families and detailed information about them. Meanwhile, for the benign samples, we used Comodo Android Benign Dataset. Our proposed model starts with extracting skip-gram-based features from instruction sequences of Android applications. Then it applies several machine learning algorithms to classify samples as benign or malware. We tested our proposed model with two different scenarios. In the first scenario, the random forest-based classifier performed with 95.64% detection accuracy on the entire dataset and 95% detection accuracy against evasive only samples. In the second scenario, we created a test dataset that contained zero-day malware samples only. For the training set, we did not use any sample that belongs to the malware families in the test set. The random forest-based model performed with 37.36% accuracy rate against zero-day malware. In addition, we compared our proposed model’s malware detection performance against several commercial antimalware applications using VirusTotal API. Our model outperformed 7 out of 10 antimalware applications and tied with one of them on the same test scenario.
13

Ko, Eunbyeol, Jinsung Kim, Younghoon Ban, Haehyun Cho, and Jeong Hyun Yi. "ACAMA: Deep Learning-Based Detection and Classification of Android Malware Using API-Based Features." Security and Communication Networks 2021 (December 29, 2021): 1–12. http://dx.doi.org/10.1155/2021/6330828.

Abstract:
As a great number of IoT and mobile devices are used in our daily lives, the security of mobile devices is becoming more important than ever. If mobile devices which play a key role in connecting devices are exploited by malware to perform malicious behaviors, this can cause serious damage to other devices as well. Hence, a huge research effort has been put forward to prevent such a situation. Among them, many studies attempted to detect malware based on APIs used in malware. In general, they showed high accuracy in detecting malware, but they could not classify malware into detailed categories because their detection mechanisms do not consider the characteristics of each malware category. In this paper, we propose a malware detection and classification approach, named ACAMA, that can detect malware and categorize them with high accuracy. To show the effectiveness of ACAMA, we implement and evaluate it with previously proposed approaches. Our evaluation results demonstrate that ACAMA detects malware with 26% higher accuracy than a previous work. In addition, we show that ACAMA can successfully classify applications that another previous work, AVClass, cannot classify.
14

Akintola, Abimbola G., Abdullateef O. Balogun, Luiz Fernando Capretz, Hammed A. Mojeed, Shuib Basri, Shakirat A. Salihu, Fatima E. Usman-Hamza, Peter O. Sadiku, Ghaniyyat B. Balogun, and Zubair O. Alanamu. "Empirical Analysis of Forest Penalizing Attribute and Its Enhanced Variations for Android Malware Detection." Applied Sciences 12, no. 9 (May 6, 2022): 4664. http://dx.doi.org/10.3390/app12094664.

Abstract:
As a result of the rapid advancement of mobile and internet technology, a plethora of new mobile security risks has recently emerged. Many techniques have been developed to address the risks associated with Android malware. The most extensively used method for identifying Android malware is signature-based detection. The drawback of this method, however, is that it is unable to detect unknown malware. As a consequence of this problem, machine learning (ML) methods for detecting and classifying malware applications were developed. The goal of conventional ML approaches is to improve classification accuracy. However, owing to imbalanced real-world datasets, the traditional classification algorithms perform poorly in detecting malicious apps. As a result, in this study, we developed a meta-learning approach based on the forest penalizing attribute (FPA) classification algorithm for detecting malware applications. In other words, with this research, we investigated how to improve Android malware detection by applying empirical analysis of FPA and its enhanced variants (Cas_FPA and RoF_FPA). The proposed FPA and its enhanced variants were tested using the Malgenome and Drebin Android malware datasets, which contain features gathered from both static and dynamic Android malware analysis. Furthermore, the findings obtained using the proposed technique were compared with baseline classifiers and existing malware detection methods to validate their effectiveness in detecting malware application families. Based on the findings, FPA outperforms the baseline classifiers and existing ML-based Android malware detection models in dealing with the unbalanced family categorization of Android malware apps, with an accuracy of 98.94% and an area under curve (AUC) value of 0.999. Hence, further development and deployment of FPA-based meta-learners for Android malware detection and other cybersecurity threats is recommended.
15

Parajuli, Srijana, and Subarna Shakya. "Malware Detection and Classification Using Latent Semantic Indexing." Journal of Advanced College of Engineering and Management 4 (December 31, 2018): 153–61. http://dx.doi.org/10.3126/jacem.v4i0.23205.

Abstract:
The increasing popularity of smart phones has led to the dramatic growth in mobile malware, especially on the Android platform. Many aspects of Android permissions have been studied for malware detection, but sufficient attention has not been given to intents. This research work proposes using Latent Semantic Indexing for malware detection and classification with permission- and intent-based features. This method analyses the Manifest file of an Android application by understanding the risk level of permissions and intents and assigning a weight score based on their sensitivity. In an experiment conducted using a dataset containing 400 malware samples and 400 normal/benign samples, the results show accuracy of 83.5% using Android Intent against 79.1% using Android permission. Additionally, an experiment on the combination of both features results in accuracy of 89.7%. It can be concluded from this research work that a dataset with intent-based features is able to detect malwares more when compared to permission-based features.
16

D, BalaGanesh, Amlan Chakrabarti, and Divya Midhunchakkaravarthy. "Smart Devices Threats, Vulnerabilities and Malware Detection Approaches: A Survey." European Journal of Engineering Research and Science 3, no. 2 (February 6, 2018): 7. http://dx.doi.org/10.24018/ejers.2018.3.2.302.

Abstract:
In recent times, malware detection mechanism systems of mobile smart devices are getting growing concentration from researchers. With the quick expansion of malwares found in mobile devices, preventing the secrecy of mobile users is incredibly imperative and necessary. Intrusion detection systems are programming devices that consequently assemble information, dissect it and recognize such occurrences. These systems advanced to intrusion aversion systems (IPS) including extra counteractive action capacities. In Intrusion detection systems, accuracy rate plays a significant role in measuring the effectiveness of an approach. One of the motivations of this study is to increase the true positive as well as reducing the false-positive rates beyond other studies.
17

D, BalaGanesh, Amlan Chakrabarti, and Divya Midhunchakkaravarthy. "Smart Devices Threats, Vulnerabilities and Malware Detection Approaches: A Survey." European Journal of Engineering and Technology Research 3, no. 2 (February 6, 2018): 7–12. http://dx.doi.org/10.24018/ejeng.2018.3.2.302.

Abstract:
In recent times, malware detection mechanism systems of mobile smart devices are getting growing concentration from researchers. With the quick expansion of malwares found in mobile devices, preventing the secrecy of mobile users is incredibly imperative and necessary. Intrusion detection systems are programming devices that consequently assemble information, dissect it and recognize such occurrences. These systems advanced to intrusion aversion systems (IPS) including extra counteractive action capacities. In Intrusion detection systems, accuracy rate plays a significant role in measuring the effectiveness of an approach. One of the motivations of this study is to increase the true positive as well as reducing the false-positive rates beyond other studies.
18

Susanto, Susanto, M. Agus Syamsul Arifin, Deris Stiawan, Mohd Yazid Idris, and Rahmat Budiarto. "The trend malware source of IoT network." Indonesian Journal of Electrical Engineering and Computer Science 22, no. 1 (April 1, 2021): 450. http://dx.doi.org/10.11591/ijeecs.v22.i1.pp450-459.

Abstract:
Malware may disrupt the internet of thing (IoT) system/network when it resides in the network, or even harm the network operation. Therefore, malware detection in the IoT system/network becomes an important issue. Research works related to the development of IoT malware detection have been carried out with various methods and algorithms to increase detection accuracy. The majority of papers on malware literature studies discuss mobile networks, and very few consider malware on IoT networks. This paper attempts to identify problems and issues in IoT malware detection presents an analysis of each step in the malware detection as well as provides alternative taxonomy of literature related to IoT malware detection. The focuses of the discussions include malware repository dataset, feature extraction methods, the detection method itself, and the output of each conducted research. Furthermore, a comparison of malware classification approaches accuracy used by researchers in detecting malware in IoT is presented.
19

Lakshmanarao, A., and M. Shashi. "Android Malware Detection with Deep Learning using RNN from Opcode Sequences." International Journal of Interactive Mobile Technologies (iJIM) 16, no. 01 (January 18, 2022): 145–57. http://dx.doi.org/10.3991/ijim.v16i01.26433.

Abstract:
Android is the most widely used operating system in smartphones. Mobile users can download and access apps easily from the play store. Due to lack of security awareness and risk associated with mobile apps, malware apps would be downloaded by normal users in general. The consequences after installing a malware app are unpredictable. Malware apps can gather user personal data, browsing history, user profiles, user sensitive data like passwords. Hence, android malware detection is essential for providing security to mobile users. Android malware detection using machine learning is done either by extracting static features (opcodes, permissions, intents, system commands) or by extracting dynamic features (log behavior, system calls, dataflow). In this paper, opcode sequences are extracted from malware and benign apps, and Recurrent Neural Networks are proposed on extracted sequences. Benign apps are collected from the play store, apkpure.com and malware apps are collected from the virus share website. The proposed Recurrent Neural Network model could achieve 96% accuracy for android malware detection.
20

Amro, Belal. "Malware Detection Techniques for Mobile Devices." International Journal of Mobile Network Communications & Telematics 7, no. 4/5/6 (December 30, 2017): 01–10. http://dx.doi.org/10.5121/ijmnct.2017.7601.

21

Venugopal, Deepak, and Guoning Hu. "Efficient Signature Based Malware Detection on Mobile Devices." Mobile Information Systems 4, no. 1 (2008): 33–49. http://dx.doi.org/10.1155/2008/712353.

Abstract:
The threat of malware on mobile devices is gaining attention recently. It is important to provide security solutions to these devices before these threats cause widespread damage. However, mobile devices have severe resource constraints in terms of memory and power. Hence, even though there are well developed techniques for malware detection on the PC domain, it requires considerable effort to adapt these techniques for mobile devices. In this paper, we outline the considerations for malware detection on mobile devices and propose a signature based malware detection method. Specifically, we detail a signature matching algorithm that is well suited for use in mobile device scanning due to its low memory requirements. Additionally, the matching algorithm is shown to have high scanning speed which makes it unobtrusive to users. Our evaluation and comparison study with the well known Clam-AV scanner shows that our solution consumes less than 50% of the memory used by Clam-AV while maintaining a fast scanning rate.
22

Zou, Deqing, Yueming Wu, Siru Yang, Anki Chauhan, Wei Yang, Jiangying Zhong, Shihan Dou, and Hai Jin. "IntDroid." ACM Transactions on Software Engineering and Methodology 30, no. 3 (May 2021): 1–32. http://dx.doi.org/10.1145/3442588.

Abstract:
Android, the most popular mobile operating system, has attracted millions of users around the world. Meanwhile, the number of new Android malware instances has grown exponentially in recent years. On the one hand, existing Android malware detection systems have shown that distilling the program semantics into a graph representation and detecting malicious programs by conducting graph matching are able to achieve high accuracy on detecting Android malware. However, these traditional graph-based approaches always perform expensive program analysis and suffer from low scalability on malware detection. On the other hand, because of the high scalability of social network analysis, it has been applied to complete large-scale malware detection. However, the social-network-analysis-based method only considers simple semantic information (i.e., centrality) for achieving market-wide mobile malware scanning, which may limit the detection effectiveness when benign apps show some similar behaviors as malware. In this article, we aim to combine the high accuracy of traditional graph-based method with the high scalability of social-network-analysis-based method for Android malware detection. Instead of using traditional heavyweight static analysis, we treat function call graphs of apps as complex social networks and apply social-network-based centrality analysis to unearth the central nodes within call graphs. After obtaining the central nodes, the average intimacies between sensitive API calls and central nodes are computed to represent the semantic features of the graphs. We implement our approach in a tool called IntDroid and evaluate it on a dataset of 3,988 benign samples and 4,265 malicious samples. Experimental results show that IntDroid is capable of detecting Android malware with an F-measure of 97.1% while maintaining a True-positive Rate of 99.1%. Although the scalability is not as fast as a social-network-analysis-based method (i.e., MalScan), compared to a traditional graph-based method, IntDroid is more than six times faster than MaMaDroid. Moreover, in a corpus of apps collected from GooglePlay market, IntDroid is able to identify 28 zero-day malware that can evade detection of existing tools, one of which has been downloaded and installed by more than ten million users. This app has also been flagged as malware by six anti-virus scanners in VirusTotal, one of which is Symantec Mobile Insight.
23

Ashawa, Moses, and Sarah Morris. "Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies." Journal of Information Security and Cybercrimes Research 4, no. 2 (December 30, 2021): 103–31. http://dx.doi.org/10.26735/krvi8434.

Abstract:
The open-source and popularity of Android attracts hackers and has multiplied security concerns targeting devices. As such, malware attacks on Android are one of the security challenges facing society. This paper presents an analysis of mobile malware evolution between 2000-2020. The paper presents mobile malware types and in-depth infection strategies malware deploys to infect mobile devices. Accordingly, factors that restricted the fast spread of early malware and those that enhance the fast propagation of recent malware are identified. Moreover, the paper discusses and classifies mobile malware based on privilege escalation and attack goals. Based on the reviewed survey papers, our research presents recommendations in the form of measures to cope with emerging security threats posed by malware and thus decrease threats and malware infection rates. Finally, we identify the need for a critical analysis of mobile malware frameworks to identify their weaknesses and strengths to develop a more robust, accurate, and scalable tool from an Android detection standpoint. The survey results facilitate the understanding of mobile malware evolution and the infection trend. They also help mobile malware analysts to understand the current evasion techniques mobile malware deploys.
24

Wang, Liu, Haoyu Wang, Ren He, Ran Tao, Guozhu Meng, Xiapu Luo, and Xuanzhe Liu. "MalRadar." Proceedings of the ACM on Measurement and Analysis of Computing Systems 6, no. 2 (May 26, 2022): 1–27. http://dx.doi.org/10.1145/3530906.

Abstract:
Mobile malware detection has attracted massive research effort in our community. A reliable and up-to-date malware dataset is critical to evaluate the effectiveness of malware detection approaches. Essentially, the malware ground truth should be manually verified by security experts, and their malicious behaviors should be carefully labelled. Although there are several widely-used malware benchmarks in our community (e.g., MalGenome, Drebin, Piggybacking and AMD, etc.), these benchmarks face several limitations including out-of-date, size, coverage, and reliability issues, etc. In this paper, we first make efforts to create MalRadar, a growing and up-to-date Android malware dataset using the most reliable way, i.e., by collecting malware based on the analysis reports of security experts. We have crawled all the mobile security related reports released by ten leading security companies, and used an automated approach to extract and label the useful ones describing new Android malware and containing Indicators of Compromise (IoC) information. We have successfully compiled MalRadar, a dataset that contains 4,534 unique Android malware samples (including both apks and metadata) released from 2014 to April 2021 by the time of this paper, all of which were manually verified by security experts with detailed behavior analysis. Then we characterize the MalRadar dataset from malware distribution channels, app installation methods, malware activation, malicious behaviors and anti-analysis techniques. We further investigate the malware evolution over the last decade. At last, we measure the effectiveness of commercial anti-virus engines and malware detection techniques on detecting malware in MalRadar. Our dataset can be served as the representative Android malware benchmark in the new era, and our observations can positively contribute to the community and boost a series of research studies on mobile security.
26

Yan, Jinpei, Yong Qi, and Qifan Rao. "LSTM-Based Hierarchical Denoising Network for Android Malware Detection." Security and Communication Networks 2018 (2018): 1–18. http://dx.doi.org/10.1155/2018/5249190.

Abstract:
Mobile security is an important issue on Android platform. Most malware detection methods based on machine learning models heavily rely on expert knowledge for manual feature engineering, which are still difficult to fully describe malwares. In this paper, we present LSTM-based hierarchical denoise network (HDN), a novel static Android malware detection method which uses LSTM to directly learn from the raw opcode sequences extracted from decompiled Android files. However, most opcode sequences are too long for LSTM to train due to the gradient vanishing problem. Hence, HDN uses a hierarchical structure, whose first-level LSTM parallelly computes on opcode subsequences (we called them method blocks) to learn the dense representations; then the second-level LSTM can learn and detect malware through method block sequences. Considering that malicious behavior only appears in partial sequence segments, HDN uses method block denoise module (MBDM) for data denoising by adaptive gradient scaling strategy based on loss cache. We evaluate and compare HDN with the latest mainstream researches on three datasets. The results show that HDN outperforms these Android malware detection methods, and it is able to capture longer sequence features and has better detection efficiency than N-gram-based malware detection which is similar to our method.
27

Wang, Chao, Zhizhong Wu, Xi Li, Xuehai Zhou, Aili Wang, and Patrick C. K. Hung. "SmartMal: A Service-Oriented Behavioral Malware Detection Framework for Mobile Devices." Scientific World Journal 2014 (2014): 1–11. http://dx.doi.org/10.1155/2014/101986.

Abstract:
This paper presents SmartMal—a novel service-oriented behavioral malware detection framework for vehicular and mobile devices. The highlight of SmartMal is to introduce service-oriented architecture (SOA) concepts and behavior analysis into the malware detection paradigms. The proposed framework relies on client-server architecture, the client continuously extracts various features and transfers them to the server, and the server’s main task is to detect anomalies using state-of-art detection algorithms. Multiple distributed servers simultaneously analyze the feature vector using various detectors and information fusion is used to concatenate the results of detectors. We also propose a cycle-based statistical approach for mobile device anomaly detection. We accomplish this by analyzing the users’ regular usage patterns. Empirical results suggest that the proposed framework and novel anomaly detection algorithm are highly effective in detecting malware on Android devices.
28

Bai, Huiwen, Guangjie Liu, Weiwei Liu, Yingxue Quan, and Shuhua Huang. "N-Gram, Semantic-Based Neural Network for Mobile Malware Network Traffic Detection." Security and Communication Networks 2021 (April 23, 2021): 1–17. http://dx.doi.org/10.1155/2021/5599556.

Abstract:
Mobile malware poses a great challenge to mobile devices and mobile communication. With the explosive growth of mobile networks, it is significant to detect mobile malware for mobile security. Since most mobile malware relies on the networks to coordinate operations, steal information, or launch attacks, evading network monitor is difficult for the mobile malware. In this paper, we present an N-gram, semantic-based neural modeling method to detect the network traffic generated by the mobile malware. In the proposed scheme, we segment the network traffic into flows and extract the application layer payload from each packet. Then, the generated flow payload data are converted into the text form as the input of the proposed model. Each flow text consists of several domains with 20 words. The proposed scheme models the domain representation using convolutional neural network with multiwidth kernels from each domain. Afterward, relationships of domains are adaptively encoded in flow representation using gated recurrent network and then the classification result is obtained from an attention layer. A series of experiments have been conducted to verify the effectiveness of our proposed scheme. In addition, to compare with the state-of-the-art methods, several comparative experiments also are conducted. The experiment results depict that our proposed scheme is better in terms of accuracy.
29

Ye, Genchao, Jian Zhang, Huanzhou Li, Zhangguo Tang, and Tianzi Lv. "Android Malware Detection Technology Based on Lightweight Convolutional Neural Networks." Security and Communication Networks 2022 (March 16, 2022): 1–12. http://dx.doi.org/10.1155/2022/8893764.

Abstract:
With the rapid development of Android, a major mobile Internet platform, Android malware attacks have become the number one threat to mobile Internet security. Traditional malware detection methods have low precision and greater time complexity. At present, image detection methods based on deep learning are used in malware detection. However, most of these methods are based on the large-scale convolutional neural network model (such as VGG16). The computation and weight files of these models are very large, so they are not suitable for mobile Internet platforms with limited computation. A novel detection method based on a lightweight convolutional neural network is presented in this study. It transforms Android malware classes.dex, Androidmanifest.xml, and resource.arsc into RGB images and uses the lightweight convolutional neural network to extract the features of RGB images automatically. The experimental results of this study indicate that the method performs well in terms of precision and speed of detection.
30

Kouliaridis, Vasileios, Konstantia Barmpatsalou, Georgios Kambourakis, and Shuhong Chen. "A Survey on Mobile Malware Detection Techniques." IEICE Transactions on Information and Systems E103.D, no. 2 (February 1, 2020): 204–11. http://dx.doi.org/10.1587/transinf.2019ini0003.

31

Lysenko, Sergii, Kira Bobrovnikova, Andrii Nicheporuk, and Roman Shchuka. "SVM-based Technique for Mobile Malware Detection." Computer Modeling and Intelligent Systems 2353 (2019): 85–97. http://dx.doi.org/10.32782/cmis/2353-7.

32

Mohamad Arif, Juliza, Mohd Faizal Ab Razak, Sharfah Ratibah Tuan Mat, Suryanti Awang, Nor Syahidatul Nadiah Ismail, and Ahmad Firdaus. "Android mobile malware detection using fuzzy AHP." Journal of Information Security and Applications 61 (September 2021): 102929. http://dx.doi.org/10.1016/j.jisa.2021.102929.

33

Chandramohan, Mahinthan, and Hee Beng Kuan Tan. "Detection of Mobile Malware in the Wild." Computer 45, no. 9 (September 2012): 65–71. http://dx.doi.org/10.1109/mc.2012.36.

34

Yan, Ping, and Zheng Yan. "A survey on dynamic mobile malware detection." Software Quality Journal 26, no. 3 (May 13, 2017): 891–919. http://dx.doi.org/10.1007/s11219-017-9368-4.

35

Khatter, Kiran, and Sapna Malik. "Ranking and Risk Factor Scheme for Malicious applications detection and Classifications." International Journal of Information System Modeling and Design 9, no. 3 (July 2018): 67–84. http://dx.doi.org/10.4018/ijismd.2018070104.

Abstract:
Being an open source operating system, android mobiles are attacked by hundreds of malware every year. Moreover, malware are using many veiled techniques that makes it difficult to detect them. Android official markets and the Google Play Store are also not left untouched by malware. This article presents the Ranking and Risk Factor Scheme (RRFS), a hybrid intrusion detection technique for Android devices for the detection of malicious android applications. Ranking and risk factor schemes perform an analysis of Android permissions requested and system calls invoked features by ranking these features with some criteria and calculating the risk factor of each application for the detection and classification of malicious applications of 81 malware families. In the results, the ranking and risk factor scheme outperforms several related approaches and has the detection and classification performance of 99.2% and 88.7%, respectively and proved fast, an energy-efficient technique for resource constraint mobile device.
36

Namrud, Zakeya, Sègla Kpodjedo, Chamseddine Talhi, Ahmed Bali, and Alvine Boaye Belle. "Deep Learning Based Android Anomaly Detection Using a Combination of Vulnerabilities Dataset." Applied Sciences 11, no. 16 (August 17, 2021): 7538. http://dx.doi.org/10.3390/app11167538.

Abstract:
As the leading mobile phone operating system, Android is an attractive target for malicious applications trying to exploit the system’s security vulnerabilities. Although several approaches have been proposed in the research literature for the detection of Android malwares, many of them suffer from issues such as small training datasets, there are few features (most studies are limited to permissions) that ultimately affect their performance. In order to address these issues, we propose an approach combining advanced machine learning techniques and Android vulnerabilities taken from the AndroVul dataset, which contains a novel combination of features for three different vulnerability levels, including dangerous permissions, code smells, and AndroBugs vulnerabilities. Our approach relies on that dataset to train Deep Learning (DL) and Support Vector Machine (SVM) models for the detection of Android malware. Our results show that both models are capable of detecting malware encoded in Android APK files with about 99% accuracy, which is better than the current state-of-the-art approaches.
37

Liu, Yanbing, Shousheng Jia, and Congcong Xing. "A Novel Behavior-Based Virus Detection Method for Smart Mobile Terminals." Discrete Dynamics in Nature and Society 2012 (2012): 1–12. http://dx.doi.org/10.1155/2012/262193.

Abstract:
The security of smart mobile terminals has been an increasingly important issue in recent years. While there are extensive researches on virus detections for smart mobile terminals, most of them share the same framework of virus detection as that for personal computers, and few of them tackle the problem from the standpoint of detection methodology. In this paper, we propose a behavior-based virus detection method for smart mobile terminals which signals the existence of malicious code through identifying the anomaly of user behaviors. We first propose a model to collect and analyze user behaviors and then present a polynomial time algorithm for the virus detection. Next, we evaluate this algorithm by testing it with two commercial malwares and one malware written by ourselves and show that our algorithm enjoys a high virus detection rate. Finally, we notice that the rate of change of the virus detection rate of the algorithm with respect to thresholds matches the real-world situation of user behaviors, which indicates that the proposed algorithm is feasible.
38

Maryam, Afifa, Usman Ahmed, Muhammad Aleem, Jerry Chun-Wei Lin, Muhammad Arshad Islam, and Muhammad Azhar Iqbal. "cHybriDroid: A Machine Learning-Based Hybrid Technique for Securing the Edge Computing." Security and Communication Networks 2020 (November 27, 2020): 1–14. http://dx.doi.org/10.1155/2020/8861639.

Abstract:
Smart phones are an integral component of the mobile edge computing (MEC) framework. Securing the data stored on mobile devices is very crucial for ensuring the smooth operations of cloud services. A growing number of malicious Android applications demand an in-depth investigation to dissect their malicious intent to design effective malware detection techniques. The contemporary state-of-the-art model suggests that hybrid features based on machine learning (ML) techniques could play a significant role in android malware detection. The selection of application’s features plays a very crucial role to capture the appropriate behavioural patterns of malware instances for a useful classification of mobile applications. In this study, we propose a novel hybrid approach to detect android malware, wherein static features in conjunction with dynamic features of smart phone applications are employed. We collect these hybrid features using permissions, intents, and run-time features (such as information leakage, cryptography’s exploitation, and network manipulations) to analyse the effectiveness of the employed techniques for malware detection. We conduct experiments using over 5,000 real-world applications. The outcomes of the study reveal that the proposed set of features has successfully detected malware threats with 97% F-measure results.
39

Mercaldo, Francesco, Giovanni Ciaramella, Giacomo Iadarola, Marco Storto, Fabio Martinelli, and Antonella Santone. "Towards Explainable Quantum Machine Learning for Mobile Malware Detection and Classification." Applied Sciences 12, no. 23 (November 24, 2022): 12025. http://dx.doi.org/10.3390/app122312025.

Abstract:
Through the years, the market for mobile devices has been rapidly increasing, and as a result of this trend, mobile malware has become sophisticated. Researchers are focused on the design and development of malware detection systems to strengthen the security and integrity of sensitive and private information. In this context, deep learning is exploited, also in cybersecurity, showing the ability to build models aimed at detecting whether an application is Trusted or malicious. Recently, with the introduction of quantum computing, we have been witnessing the introduction of quantum algorithms in Machine Learning. In this paper, we provide a comparison between five state-of-the-art Convolutional Neural Network models (i.e., AlexNet, MobileNet, EfficientNet, VGG16, and VGG19), one network developed by the authors (called Standard-CNN), and two quantum models (i.e., a hybrid quantum model and a fully quantum neural network) to classify malware. In addition to the classification, we provide explainability behind the model predictions, by adopting the Gradient-weighted Class Activation Mapping to highlight the areas of the image obtained from the application symptomatic of a certain prediction, to the convolutional and to the quantum models obtaining the best performances in Android malware detection. Real-world experiments were performed on a dataset composed of 8446 Android malicious and legitimate applications, obtaining interesting results.
40

Fournier, Arthur, Franjieh El Khoury, and Samuel Pierre. "A Client/Server Malware Detection Model Based on Machine Learning for Android Devices." IoT 2, no. 3 (June 24, 2021): 355–74. http://dx.doi.org/10.3390/iot2030019.

Abstract:
The rapid adoption of Android devices comes with the growing prevalence of mobile malware, which leads to serious threats to mobile phone security and attacks private information on mobile devices. In this paper, we designed and implemented a model for malware detection on Android devices to protect private and financial information, for the mobile applications of the ATISCOM project. This model is based on client/server architecture, to reduce the heavy computations on a mobile device by sending data from the mobile device to the server for remote processing (i.e., offloading) of the predictions. We then gradually optimized our proposed model for better classification of the newly installed applications on Android devices. We at first adopted Naive Bayes to build the model with 92.4486% accuracy, then the classification method that gave the best accuracy of 93.85% for stochastic gradient descent (SGD) with binary class (i.e., malware and benign), and finally the regression method with numerical values ranging from −100 to 100 to manage the uncertainty predictions. Therefore, our proposed model with random forest regression gives a good accuracy in terms of performance, with a good correlation coefficient, minimum computation time and the smallest number of errors for malware detection.
41

Wang, Liu, Haoyu Wang, Ren He, Ran Tao, Guozhu Meng, Xiapu Luo, and Xuanzhe Liu. "MalRadar." ACM SIGMETRICS Performance Evaluation Review 50, no. 1 (June 20, 2022): 21–22. http://dx.doi.org/10.1145/3547353.3530973.

Abstract:
A reliable and up-to-date malware dataset is critical to evaluate the effectiveness of malware detection approaches. Although there are several widely-used malware benchmarks in our community (e.g., MalGenome, Drebin, Piggybacking and AMD, etc.), these benchmarks face several limitations including out-of-date, size, coverage, and reliability issues, etc. In this paper, we first make effort to create MalRadar, a growing and up-to-date Android malware dataset using the most reliable way, i.e., by collecting malware based on the analysis reports of security experts. We have crawled all the mobile security related reports released by ten leading security companies, and used an automated approach to extract and label the useful ones describing new Android malware and containing Indicators of Compromise (IoC) information. We have successfully compiled MalRadar, a dataset that contains 4,534 unique Android malware samples (including both apks and metadata) released from 2014 to April 2021 by the time of this paper, all of which were manually verified by security experts with detailed behavior analysis. Then we characterize the MalRadar dataset from malware distribution channels, app installation methods, malware activation, malicious behaviors and anti-analysis techniques. We further investigate the malware evolution over the last decade. At last, we measure the effectiveness of commercial anti-virus engines and malware detection techniques on detecting malware in MalRadar. Our dataset can be served as the representative Android malware benchmark in the new era, and our observations can positively contribute to the community and boost a series of studies on mobile security.
42

Gupta, Siddhant, Siddharth Sethi, Srishti Chaudhary, and Anshul Arora. "Blockchain Based Detection of Android Malware using Ranked Permissions." International Journal of Engineering and Advanced Technology 10, no. 5 (June 30, 2021): 68–75. http://dx.doi.org/10.35940/ijeat.e2593.0610521.

Abstract:
Android mobile devices are a prime target for a huge number of cyber-criminals as they aim to create malware for disrupting and damaging the servers, clients, or networks. Android malware are in the form of malicious apps, that get downloaded on mobile devices via the Play Store or third-party app markets. Such malicious apps pose serious threats like system damage, information leakage, financial loss to user, etc. Thus, predicting which apps contain malicious behavior will help in preventing malware attacks on mobile devices. Identifying Android malware has become a major challenge because of the ever-increasing number of permissions that applications ask for, to enhance the experience of the users. And most of the times, permissions and other features defined in normal and malicious apps are generally the same. In this paper, we aim to detect Android malware using machine learning, deep learning, and natural language processing techniques. To delve into the problem, we use the Android manifest files which provide us with features like permissions which become the basis for detecting Android malware. We have used the concept of information value for ranking permissions. Further, we have proposed a consensus-based blockchain framework for making more concrete predictions as blockchain have high reliability and low cost. The experimental results demonstrate that the proposed model gives the detection accuracy of 95.44% with the Random Forest classifier. This accuracy is achieved with top 45 permissions ranked according to Information Value.
43

Senanayake, Janaka, Harsha Kalutarage, and Mhd Omar Al-Kadri. "Android Mobile Malware Detection Using Machine Learning: A Systematic Review." Electronics 10, no. 13 (July 5, 2021): 1606. http://dx.doi.org/10.3390/electronics10131606.

Abstract:
With the increasing use of mobile devices, malware attacks are rising, especially on Android phones, which account for 72.2% of the total market share. Hackers try to attack smartphones with various methods such as credential theft, surveillance, and malicious advertising. Among numerous countermeasures, machine learning (ML)-based methods have proven to be an effective means of detecting these attacks, as they are able to derive a classifier from a set of training examples, thus eliminating the need for an explicit definition of the signatures when developing malware detectors. This paper provides a systematic review of ML-based Android malware detection techniques. It critically evaluates 106 carefully selected articles and highlights their strengths and weaknesses as well as potential improvements. Finally, the ML-based methods for detecting source code vulnerabilities are discussed, because it might be more difficult to add security after the app is deployed. Therefore, this paper aims to enable researchers to acquire in-depth knowledge in the field and to identify potential future research and development directions.
44

Al Huda, Fais, Wayan Firdaus Mahmudy, and Herman Tolle. "Android Malware Detection Using Backpropagation Neural Network." Indonesian Journal of Electrical Engineering and Computer Science 4, no. 1 (October 1, 2016): 240. http://dx.doi.org/10.11591/ijeecs.v4.i1.pp240-244.

Abstract:
The rapid growing adoption of android operating system around the world affects the growth of malware that attacks this platform. One possible solution to overcome the threat of malware is building a comprehensive system to detect existing malware. This paper proposes multilayer perceptron artificial neural network trained with backpropagation algorithm to determine an application is malware or non-malware application which is often called benign application. The parameters that used in this study based on the list of permissions in the manifest file, the battery rating based on permission, and the size of the application file. Final weights obtained in the training phase will be used in mobile applications for malware detection. The experimental results show that the proposed method for detection of malware on android is effective. The effectiveness is demonstrated by the results of the accuracy of the system developed in this study is relatively high to recognize existing malware samples.
45

Kouliaridis, Vasileios, and Georgios Kambourakis. "A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection." Information 12, no. 5 (April 25, 2021): 185. http://dx.doi.org/10.3390/info12050185.

Abstract:
Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.
46

Liu, Tianyue, Zhenwan Li, Haixia Long, and Anas Bilal. "NT-GNN: Network Traffic Graph for 5G Mobile IoT Android Malware Detection." Electronics 12, no. 4 (February 4, 2023): 789. http://dx.doi.org/10.3390/electronics12040789.

Abstract:
IoT Android application is the most common implementation system in the mobile ecosystem. As assaults have increased over time, malware attacks will likely happen on 5G mobile IoT Android applications. The huge threat posed by malware to communication systems security has made it one of the main focuses of information security research. Therefore, this paper proposes a new graph neural network model based on a network traffic graph for Android malware detection (NT-GNN). While some current malware detection systems use network traffic data for detection, they ignore the complex structural relationships of network traffic, focusing exclusively on network traffic between pairs of endpoints. Additionally, our suggested network traffic graph neural network model (NT-GNN) considers the graph node and edge aspects, capturing the connection between various traffic flows and individual traffic attributes. We first extract the network traffic graph and then detect it using a novel graph neural network architecture. Finally, we experimented with the proposed NT-GNN model on the well-known Android malware CICAndMal2017 and AAGM datasets and achieved 97% accuracy. The results reflect the sophisticated nature of our methodology. Furthermore, we want to provide a new method for malicious code detection.
47

Malik, Sapna, and Kiran Khatter. "Malicious Application Detection and Classification System for Android Mobiles." International Journal of Ambient Computing and Intelligence 9, no. 1 (January 2018): 95–114. http://dx.doi.org/10.4018/ijaci.2018010106.

Abstract:
Android mobiles constitute a large portion of the mobile market, which also attracts malware developers seeking malicious gains. Every year hundreds of pieces of malware are detected in the Android market. Unofficial and official Android markets, such as Google Play Store, are infested with fake and malicious apps, which is a warning alarm for naive users. Guided by this insight, this paper presents the malicious application detection and classification system using machine learning techniques by extracting and analyzing the Android Permission Feature of the Android applications. For the feature extraction, the authors of this work have developed the AndroData tool written in shell script and analyzed the extracted features of 1060 Android applications with machine learning algorithms. They have achieved the malicious application detection and classification accuracy of 98.2% and 87.3%, respectively, with machine learning techniques.
48

Vishnoi, Aayush, Preeti Mishra, Charu Negi, and Sateesh Kumar Peddoju. "Android Malware Detection Techniques in Traditional and Cloud Computing Platforms." International Journal of Cloud Applications and Computing 11, no. 4 (October 2021): 113–35. http://dx.doi.org/10.4018/ijcac.2021100107.

Abstract:
In the mobile world, Android is the most popular choice of manufacturers and users alike. Meanwhile, the number of malicious applications, abbreviated as malapps or malware, has increased explosively. Malware writers make use of existing apps to send malware to users' devices. To check for the presence of malware, the authors perform malware analysis of apps. In this paper, they provide a comprehensive review of state-of-the-art Android malware detection approaches using traditional and cloud computing platforms. The paper also presents an attack taxonomy to better understand security threats against Android. Furthermore, it describes various possible attacking features (static and dynamic) and their analysis mechanism. Various security tools have also been discussed. It presents two case studies: one for malware feature extraction and the other for demonstrating the use of machine learning for malware analysis in order to provide a practical insight into malware analysis. The results of malware analysis seem to be promising.
49

Et.al, Shafiu Musa. "HEFESTDROID: Highly Effective Features for Android Malware Detection and Analysis." Turkish Journal of Computer and Mathematics Education (TURCOMAT) 12, no. 3 (April 10, 2021): 4676–82. http://dx.doi.org/10.17762/turcomat.v12i3.1884.

Abstract:
Rapid globalization and advances in mobile technology have brought about phenomenal attention and great opportunities for Android application developers to contribute meaningfully to the global digital market. The Android mobile platform, being one of the famous mobile operating systems, has the highest number of applications in the digital market with a total market share of 76.23% between August 2018 and August 2019, according to a report of global stats counter. However, the substantial number of applications on the platform has led to a great number of malware attacks on the user's privacy and sensitive documents. Consequently, a significant number of malware detection studies have been carried out to reduce the number of malware attacks. This paper analyses the impact of using highly effective Android permission features to decipher the problem of malware attacks. The Highly Effective Features for Android Malware Detection and Analysis (HEFEST) summarises four effective Android permission features to be considered in conducting malware detection analysis and classifications. The features recognized in this study are: Normal Declared Permission, Dangerous Permission, Signature-Based Permission, and Signature-or-system. The selection is based on the capabilities of the features in depicting the behaviors of Android apps. The research data are drawn from the open-source Drebin dataset, which comprises 15,036 benign and malicious applications extracted from 215 distinct features; of the records, 9,026 were malicious and 6,010 benign applications. However, this research compares the detection accuracy of Android permission features using machine learning-based algorithms, Support Vector Machine and K-Nearest Neighbor, to achieve a comprehensive accuracy ratio of malware detection; the classifier has a strong accuracy decision of classification and exceptional computational efficiency. The model correctly classified 2,812 out of 2,869 malicious applications appropriately with an accuracy of 98.0% and also classified 1,607 out of 1,642 accurately with a success rate of 97.9%. Generally, 98.0% of classification accuracy was achieved.
50

Yuniati, Trihastuti, Aris Rafael Tambunan, and Yoso Adi Setyoko. "Implementasi Static Analysis Dan Background Process Untuk Mendeteksi Malware Pada Aplikasi Android Dengan Mobile Security Framework." LEDGER : Journal Informatic and Information Technology 1, no. 2 (October 18, 2022): 24–28. http://dx.doi.org/10.20895/ledger.v1i2.848.

Abstract:
Android has become the most widely used operating system among the many operating-system choices for mobile devices, supported by a diverse range of applications that make people's daily activities easier. Mobile Security Framework (MobSF) is an open-source automated testing framework capable of penetration testing, malware analysis, and security assessment of mobile applications using static and dynamic analysis; the analysis process produces a report on the Android application. The aim of this research is to show how to use Mobile Security Framework (MobSF) for static malware analysis of Android applications. Malware samples are taken from the internet and analyzed using a static analysis method that reads the malware's information, which is then combined with Android background processes by installing the sample live on an Android device. The researchers use Mobile Security Framework (MobSF) to perform static security analysis with the parameters dangerous permissions, weak crypto, root detection, SSL bypass, and domain malware check on the X8Speeder application. The analysis detected malware and found that the application has inappropriate permissions. As can be seen, a game application does not need permission to modify the smartphone's external storage. Therefore, users need to be careful not to download or click on things carelessly when using the internet. Keywords: Mobile Security Framework, Static Analysis, Background Process Android. Android