More Web Proxy on the site http://driver.im/

research-article

Public Access

A Data-driven Characterization of Modern Android Spyware

Authors:

Fabio Pierazzi,

Michele Colajanni,

V. S. SubrahmanianAuthors Info & Claims

ACM Transactions on Management Information Systems (TMIS), Volume 11, Issue 1

Article No.: 4, Pages 1 - 38

https://doi.org/10.1145/3382158

Published: 10 April 2020 Publication History

All formats PDF

Abstract

According to Nokia’s 2017 Threat Intelligence Report, 68.5% of malware targets the Android platform; Windows is second with 28%, followed by iOS and other platforms with 3.5%. The Android spyware family UAPUSH was responsible for the most infections, and several of the top 20 most common Android malware were spyware. Simply put, modern spyware steals the basic information needed to fuel more deadly attacks such as ransomware and banking fraud. Not surprisingly, some forms of spyware are also classified as banking trojans (e.g., ACECARD). We present a data-driven characterization of the principal factors that distinguish modern Android spyware (July 2016–July 2017) both from goodware and other Android malware, using both traditional and deep ML. First, we propose an Ensemble Late Fusion (ELF) architecture that combines the results of multiple classifiers’ predicted probabilities to generate a final prediction. We show that ELF outperforms several of the best-known traditional and deep learning classifiers. Second, we automatically identify key features that distinguish spyware both from goodware and from other malware. Finally we present a detailed analysis of the factors distinguishing five important families of Android spyware: UAPUSH, PINCER, HEHE, USBCLEAVER, and ACECARD (the last is a hybrid spyware-banking trojan).

References

[1]

[n.d.]. Retrieved from https://www.virustotal.com/.

[2]

[n.d.]. Retrieved from https://github.com/pjlantz/droidbox.

[3]

[n.d.]. Retrieved July 2017 from Koodous. https://koodous.com/.

[4]

[n.d.]. Whaling Emerges as Major Cybersecurity Threat. Retrieved from https://www.cio.com/article/3059621/security/whaling-emerges-as-major-cybersecurity-threat.html.

[5]

2017. McAfee Mobile Threat Report [Internet]. Retrieved from https://www.mcafee.com/us/resources/reports/rp-mobile-threat-report-2017.pdf.

[6]

2017. Kaspersky IT Threat Evolution Statistics [Internet]. Retrieved from https://securelist.com/it-threat-evolution-q1-2017-statistics/78475/.

[7]

Yousra Aafer, Wenliang Du, and Heng Yin. 2013. DroidAPIMiner: Mining API-level features for robust malware detection in android. In Proceedings of the EAI International Conference on Security and Privacy in Communication Networks (SecureComm’13). Springer.

[8]

Nicoló Andronio, Stefano Zanero, and Federico Maggi. 2015. HelDroid: Dissecting and detecting mobile ransomware. In Proceedings of the Conference on Robotics, Artificial Intelligence, Internet of Things 8 Data (RAID’15). Springer.

Digital Library

[9]

Marco Aresu, Davide Ariu, Mansour Ahmadi, Davide Maiorca, and Giorgio Giacinto. 2015. Clustering Android malware families by HTTP traffic. In Proceedings of the 10th International Conference on Malicious and Unwanted Software (MALWARE’15). IEEE.

Digital Library

[10]

Daniel Arp, Michael Spreitzenbarth, Malte Hubner, Hugo Gascon, and Konrad Rieck. 2014. DREBIN: Effective and explainable detection of android malware in your pocket. In Proceedings of the Network and Distributed System Security Symposium (NDSS’14).

[11]

Steven Arzt, Siegfried Rasthofer, Christian Fritz, Eric Bodden, Alexandre Bartel, Jacques Klein, Yves Le Traon, Damien Octeau, and Patrick McDaniel. 2013. FlowDroid: Precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’13).

Digital Library

[12]

Battista Biggio, Konrad Rieck, Davide Ariu, Christian Wressnegger, Igino Corona, Giorgio Giacinto, and Fabio Roli. 2014. Poisoning behavioral malware clustering. In Proceedings of the ACM Workshop on Artificial Intelligence and Security (AISec Workshop’14). ACM.

Digital Library

[13]

Iker Burguera, Urko Zurutuza, and Simin Nadjm-Tehrani. 2011. Crowdroid: Behavior-based malware detection system for android. In Proceedings of the ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’11). ACM, 15--26.

Digital Library

[14]

Carlos Castillo. 2016. Android banking trojan asks for selfie with your ID. Retrieved from https://securingtomorrow.mcafee.com/mcafee-labs/android-banking-trojan-asks-for-selfie-with-your-id/.

[15]

Tanmoy Chakraborty, Fabio Pierazzi, and VS Subrahmanian. 2020. EC2: Ensemble clustering and classification for predicting android malware families. IEEE Trans. Depend. Sec. Comput. 17, 2 (2020), 262--277.

Digital Library

[16]

Rahul Chatterjee, Periwinkle Doerfler, Hadas Orgad, Sam Havron, Jackeline Palmer, Diana Freed, Karen Levy, Nicola Dell, Damon McCoy, and Thomas Ristenpart. 2018. The spyware used in intimate partner violence. In Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP’18). IEEE, Los Alamitos, CA, 441--458.

[17]

Heng-Tze Cheng, Levent Koc, Jeremiah Harmsen, Tal Shaked, Tushar Chandra, Hrishi Aradhye, Glen Anderson, Greg Corrado, Wei Chai, Mustafa Ispir, et al. 2016. Wide 8 deep learning for recommender systems. In Proceedings of the 1st Workshop on Deep Learning for Recommender Systems. ACM, 7--10.

Digital Library

[18]

Andrea Continella, Yanick Fratantonio, Martina Lindorfer, Alessandro Puccetti, Ali Zand, Christopher Kruegel, and Giovanni Vigna. 2017. Obfuscation-resilient privacy leak detection for mobile apps through differential analysis. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).

[19]

Nokia Corp. 2017. Nokia Threat Intelligence Report 2017. Retrieved from https://pages.nokia.com/18259.threat.intelligence.report.lp.html.

[20]

Santanu Kumar Dash, Guillermo Suarez-Tangil, Salahuddin Khan, Kimberly Tam, Mansour Ahmadi, Johannes Kinder, and Lorenzo Cavallaro. 2016. DroidScribe: Classifying android malware based on runtime behavior. In Proceedings of the IEEE Security and Privacy Workshops (SPW’16).

[21]

Lucas Davi, Alexandra Dmitrienko, Ahmad-Reza Sadeghi, and Marcel Winandy. 2010. Privilege escalation attacks on android. In Proceedings of the International Conference on Information Security. Springer, 346--360.

[22]

Luke Deshotels, Vivek Notani, and Arun Lakhotia. 2014. Droidlegacy: Automated familial classification of android malware. In Proceedings of the Program Protection and Reverse Engineering Workshop. ACM.

Digital Library

[23]

H. Dharmdesani. 2014. Android.HeHe: Malware now disconnects phone calls. Retrieved from https://www.fireeye.com/blog/threat-research/2014/01/android-hehe-malware-now-disconnects-phone-calls.html.

[24]

Marko Dimjašević, Simone Atzeni, Ivo Ugrina, and Zvonimir Rakamaric. 2016. Evaluation of android malware detection based on system calls. In Proceedings of the 2016 ACM on International Workshop on Security And Privacy Analytics. ACM, 1--8.

Digital Library

[25]

Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song. 2007. Dynamic spyware analysis. In USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference, Article 18. 1–14.

[26]

William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol N. Sheth. 2014. TaintDroid: An information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. 32, 2, Article 5 (2014). https://doi.org/10.1145/2619091

Digital Library

[27]

F-Secure Corp. [n.d.]. Report. Retrieved from https://www.f-secure.com/weblog/archives/00002573.html.

[28]

F-Secure Corp. 2013. Trojan:Android/Pincer.A. Retrieved from https://www.f-secure.com/weblog/archives/00002538.html.

[29]

Wenhao Fan, Yaohui Sang, Daishuai Zhang, Ran Sun, and Yuan’an Liu. 2017. DroidInjector: A process injection-based dynamic tracking system for runtime behaviors of Android applications. Comput. Secur. 70 (2017), 224--237.

[30]

Ryan Farley and Xinyuan Wang. 2010. Roving BugNet: Distributed surveillance threat and mitigation. Comput. Secur. 29, 5 (2010), 592--602.

Digital Library

[31]

Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaji, and Thomas A. Longstaff. 1996. A sense of self for Unix processes. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[32]

Jerome Friedman, Trevor Hastie, and Robert Tibshirani. 2001. The Elements of Statistical Learning. Springer Series in Statistics. Springer, New York, NY.

[33]

Andrea Gianazza, Federico Maggi, Aristide Fattori, Lorenzo Cavallaro, and Stefano Zanero. 2014. Puppetdroid: A user-centric ui exerciser for automatic dynamic analysis of similar android applications. Tech Report (2014).

[34]

Google. 2017. Android Security 2016 Year in Review. Tech. Report.

[35]

Michael I. Gordon, Deokhwan Kim, Jeff Perkins, Limei Gilham, Nguyen Nguyen, and Martin Rinard. 2015. Information-flow analysis of Android applications in DroidSafe. In Proceedings of the Network and Distributed System Security Symposium (NDSS’15).

[36]

Michael C. Grace, Wu Zhou, Xuxian Jiang, and Ahmad-Reza Sadeghi. 2012. Unsafe exposure analysis of mobile in-app advertisements. In Proceedings of the Fifth ACM Conference on Security and Privacy in Wireless and Mobile Networks (WISEC'12). https://dl.acm.org/doi/10.1145/2185448.2185464.

Digital Library

[37]

Info-security magazine. [n.d.]. Exaspy, a New Android Spyware, Targets Execs. Retrieved August 2017 from https://www.infosecurity-magazine.com/news/exaspy-a-new-android-spyware/.

[38]

Sushil Jajodia, Noseong Park, Fabio Pierazzi, Andrea Pugliese, Edoardo Serra, Gerardo I Simari, and VS Subrahmanian. 2017. A probabilistic logic of cyber deception. IEEE Trans. Inf. Forens. Secur. 12, 11 (2017), 2532--2544.

Digital Library

[39]

Danial Javaheri, Mehdi Hosseinzadeh, and Amir Masoud Rahmani. 2018. Detection and elimination of spyware and ransomware by intercepting kernel-level system routines. IEEE Access 6 (2018), 78321--78332.

[40]

Chanhyun Kang, Noseong Park, B Aditya Prakash, Edoardo Serra, and Venkatraman Sivili Subrahmanian. 2016. Ensemble models for data-driven prediction of malware infections. In Proceedings of the ACM International Conference on Web Search and Data Mining (WSDM’16). ACM, San Francisco, CA, USA.

Digital Library

[41]

Kaspersky. [n.d.]. Criminals Blackmail Users with Sensitive Information. Retrieved August 2017 from https://www.kaspersky.com/blog/beware_sextortion/5796/.

[42]

Kaspersky Labs. 2016. Android Trump Card: AceCard. Retrieved from https://www.kaspersky.com/blog/acecard-android-trojan/11368/.

[43]

Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard Kemmerer. 2006. Behavior-based spyware detection. In Proceedings of the USENIX Security Symposium (USENIX Security’06).

[44]

Koodous. [n.d.]. Droidbox. Retrieved July 2017 from https://docs.koodous.com/yara/droidbox/.

[45]

Eric Lancaster, Tanmoy Chakraborty, and V. S. Subrahmanian. 2018. MALT: Parallel prediction of malicious tweets. IEEE Trans. Comput. Soc. Syst. 5, 4 (2018), 1096--1108.

[46]

Anh Le, Janus Varmarken, Simon Langhoff, Anastasia Shuba, Minas Gjoka, and Athina Markopoulou. 2015. Ant Monitor: A system for monitoring from mobile devices. In Proceedings of the 2015 ACM SIGCOMM Workshop on Crowdsourcing and Crowdsharing of Big (Internet). https://dl.acm.org/doi/10.1145/2787394.2787396.

Digital Library

[47]

Martina Lindorfer, Matthias Neugschwandtner, and Christian Platzer. 2015. Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis. In Proceedings of the IEEE Computer Society Signature Conference on Computers, Software and Applications (IEEE COMPSAC’15).

Digital Library

[48]

Martina Lindorfer, Matthias Neugschwandtner, Lukas Weichselbaum, Yanick Fratantonio, Victor Van Der Veen, and Christian Platzer. 2014. ANDRUBIS—1,000,000 apps later: A view on current Android malware behaviors. Proceedings of the International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS’14)

Digital Library

[49]

Martina Lindorfer, Stamatis Volanis, Alessandro Sisto, Matthias Neugschwandtner, Elias Athanasopoulos, Federico Maggi, Christian Platzer, Stefano Zanero, and Sotiris Ioannidis. 2014. AndRadar: Fast discovery of android applications in alternative markets. In Proceedings of the SIG SIDAR Conference on Detection of Intrusions and Malware 8 Vulnerability Assessment (DIMVA’14). Springer, 51--71.

[50]

Yabing Liu, Han Hee Song, Ignacio Bermudez, Alan Mislove, Mario Baldi, and Alok Tongaonkar. 2015. Identifying personal information in Internet traffic (COSN'15). ACM Press, 59--70.

[51]

Mirco Marchetti, Fabio Pierazzi, Michele Colajanni, and Alessandro Guido. 2016. Analysis of high volumes of network traffic for advanced persistent threat detection. Comput. Netw. 109, 2 (2016), 127–141.

Digital Library

[52]

Mirco Marchetti, Fabio Pierazzi, Alessandro Guido, and Michele Colajanni. 2016. Countering advanced persistent threats through security intelligence and big data analytics. In Proceedings of the IEEE International Conference on Cyber Conflict (CyCon’16).

[53]

Enrico Mariconti, Lucky Onwuzurike, Panagiotis Andriotis, Emiliano De Cristofaro, Gordon Ross, and Gianluca Stringhini. 2017. MaMaDroid: Detecting android malware by building markov chains of behavioral models. Proceedings of the Network and Distributed System Security Symposium (NDSS’17).

[54]

Lorenzo Martignoni, Mihai Christodorescu, and Somesh Jha. 2007. Omniunpack: Fast, generic, and safe unpacking of malware. In Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC’07). IEEE, 431--441.

[55]

Brad Miller, Alex Kantchelian, Michael Carl Tschantz, Sadia Afroz, Rekha Bachwani, Riyaz Faizullabhoy, Ling Huang, Vaishaal Shankar, Tony Wu, George Yiu, et al. 2016. Reviewer integration and performance measurement for malware detection. In Proceedings of the SIG SIDAR Conference on Detection of Intrusions and Malware 8 Vulnerability Assessment (DIMVA’16). Springer.

Digital Library

[56]

Nikola Milosevic, Ali Dehghantanha, and Kim-Kwang Raymond Choo. 2017. Machine learning aided Android malware classification. Comput. Electr. Eng. 61 (Jul. 2017), 266–274.

[57]

Suman Nath. 2015. MAdScope: Characterizing mobile In-app targeted ads. In Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services. https://dl.acm.org/doi/10.1145

Digital Library

[58]

D. Oktavianto and I. Muhardianto. 2013. Cuckoo Malware Analysis. Packt Publishing.

[59]

Lucky Onwuzurike, Mario Almeida, Enrico Mariconti, Jeremy Blackburn, Gianluca Stringhini, and Emiliano De Cristofaro. [n.d.]. A family of droids—Android malware detection via behavioral modeling: Static vs dynamic analysis. In Proceedings of the 16th Annual Conference on Privacy, Security and Trust 16th Annual Conference on Privacy, Security and Trust (PST’18).

[60]

Xiaorui Pan, Xueqiang Wang, Yue Duan, Xiaofeng Wang, and Heng Yin. 2017. Dark hazard : Learning-based, large-scale discovery of hidden sensitive operations in android apps. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).

[61]

Xiaorui Pan, Xueqiang Wang, Yue Duan, XiaoFeng Wang, and Heng Yin. 2017. Dark hazard: Learning-based, large-scale discovery of hidden sensitive operations in android apps. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).

[62]

Younghee Park, Douglas Reeves, Vikram Mulukutla, and Balaji Sundaravel. 2010. Fast malware classification by automated behavioral graph matching. In Proceedings of the 6th Annual Workshop on Cyber Security and Information Intelligence Research. ACM.

Digital Library

[63]

Feargus Pendlebury, Fabio Pierazzi, Roberto Jordaney, Johannes Kinder, and Lorenzo Cavallaro. 2019. {TESSERACT}: Eliminating experimental bias in malware classification across space and time. In Proceedings of the 28th USENIX Security Symposium (USENIX Security’19). 729--746.

[64]

Andrea Possemato, Andrea Lanzi, Simon Pak Ho Chung, Wenke Lee, and Yanick Fratantonio. 2018. ClickShield: Are you hiding something? Towards eradicating clickjacking on android. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1120--1136.

Digital Library

[65]

Jingjing Ren, Ashwin Rao, Martina Lindorfer, Arnaud Legout, and David Choffnes. 2016. ReCon: Revealing and controlling PII leaks in mobile network traffic. In Proceedings of the 13th Annual International Conference on Mobile Systems, Applications, and Services (MobiSys'16).

Digital Library

[66]

Irwin Reyes, Primal Wijesekera, Joel Reardon, Amit Elazari Bar On, Abbas Razaghpanah, Narseo Vallina-Rodriguez, and Serge Egelman. 2018. Won’t somebody think of the children? Examining COPPA compliance at scale. Proc. Priv. Enhanc. Technol. 2018, 3 (2018), 63--83.

[67]

Konrad Rieck, Thorsten Holz, Carsten Willems, Patrick Düssel, and Pavel Laskov. 2008. Learning and classification of malware behavior. In Proceedings of the SIG SIDAR Conference on Detection of Intrusions and Malware 8 Vulnerability Assessment (DIMVA’08). Springer.

Digital Library

[68]

E. Eugene Schultz. 2003. Pandoraâs box: Spyware, adware, autoexecution, and NGSCB. Comput. Secur. 22, 5 (2003), 366–367.

Digital Library

[69]

Asaf Shabtai, Yuval Elovici, and Lior Rokach. 2012. A Survey of Data Leakage Detection and Prevention Solutions. Springer Science 8 Business Media.

Digital Library

[70]

Rocky Slavin, Xiaoyin Wang, Mitra Bokaei Hosseini, James Hester, Ram Krishnan, Jaspreet Bhatia, Travis D. Breaux, and Jianwei Niu. 2016. Toward a framework for detecting privacy policy violations in android application code. In International Conference on Software Engineering (ICSE) Conference.

Digital Library

[71]

Yihang Song and Urs Hengartner. 2015. Privacy Guard: A VPN-based platform to detect information leakage on android devices. In Proceedings of the 5th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile. ACM Press, 15--26.

[72]

Guillermo Suarez-Tangil, Santanu Kumar Dash, Mansour Ahmadi, Johannes Kinder, Giorgio Giacinto, and Lorenzo Cavallaro. 2017. DroidSieve: Fast and accurate classification of obfuscated android malware. In Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY’17).

Digital Library

[73]

Guillermo Suarez-Tangil, Juan E Tapiador, Pedro Peris-Lopez, and Jorge Blasco. 2014. Dendroid: A text mining approach to analyzing and classifying code structures in android malware families. Expert Syst. Appl. 41, 4, Part 1 (2014), 1101–1117.

[74]

Syaifuddin Syaifuddin, Zamah Sari, and Mohammad Khairul Masduqi. 2018. Analysis of uapush malware infection using static and behavior method on android. Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control. Universitas Muhammadiyah Malang.

[75]

Symantec. [n.d.]. A-Z Listing of Thearts and Risks. Retrieved July 2017 from https://www.symantec.com/security_response/landing/azlisting.jsp.

[76]

Hien Thi Thu Truong, Eemil Lagerspetz, Petteri Nurmi, Adam J. Oliner, Sasu Tarkoma, N. Asokan, and Sourav Bhattacharya. 2014. The company you keep: Mobile malware infection rates and inexpensive risk indicators. In Proceedings of theAnnual Conference on the World Wide Web (WWW’14). ACM, 39--50.

Digital Library

[77]

Tzu-Yen Wang, Shi-Jinn Horng, Ming-Yang Su, Chin-Hsiung Wu, Peng-Chu Wang, and Wei-Zen Su. 2006. A surveillance spyware detection system based on data mining methods. In Proceedings of the IEEE Congress on Evolutionary Computation (CEC’06). IEEE, 3236--3241.

[78]

Mingyuan Xia, Lu Gong, Yuanhao Lyu, Zhengwei Qi, and Xue Liu. 2015. Effective real-time android application auditing. In IEEE Symposium on Security and Privacy. IEEE.

Digital Library

[79]

Lok Kwong Yan and Heng Yin. 2012. DroidScope: Seamlessly reconstructing the OS and Dalvik semantic views for dynamic android malware analysis. In Proceedings of the USENIX Security Symposium (USENIX Security’12).

[80]

Shui Yu, Guofei Gu, Ahmed Barnawi, Song Guo, and Ivan Stojmenovic. 2015. Malware propagation in large-scale networks. IEEE Trans. Knowl. Data Eng. 27, 1 (2015), 170--179.

[81]

Hao Zhang, Danfeng (Daphne) Yao, and Naren Ramakrishnan. 2016. Causality-based sensemaking of network traffic for android application security. In Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security (ALSec’16). ACM Press, 47--58.

Digital Library

[82]

Hao Zhang, Danfeng Daphne Yao, Naren Ramakrishnan, and Zhibin Zhang. 2016. Causality reasoning about network events for detecting stealthy malware activities. Comput. Secur. 58 (2016), 180–198.

Digital Library

[83]

Mu Zhang, Yue Duan, Heng Yin, and Zhiruo Zhao. 2014. Semantics-aware Android malware classification using weighted contextual API dependency graphs. In Proceedings of the ACM Conference on Computer and Communications Security (CCS’14).

Digital Library

[84]

Yajin Zhou and Xuxian Jiang. 2012. Dissecting android malware: Characterization and evolution. In Proceedings of the IEEE Symposium on Security and Privacy.

Digital Library

[85]

Sebastian Zimmeck, Ziqi Wang, Lieyong Zou, Roger Iyengar, Bin Liu, Florian Schaub, Shomir Wilson, Norman Sadeh, Steven M. Bellovin, and Joel Reidenberg. 2017. Automated analysis of privacy requirements for mobile apps. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17).

Cited By

Lim JKwok ZSoon IYong JSong Yuhao SBinte Rosley SBalachandran VVilela JSchulmann HLi N(2024)A-COPILOT: Android Covert Operation for Private Information Lifting and OTP Theft: A study on how Malware Masquerading as Legitimate Applications compromise Security and PrivacyProceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy10.1145/3626232.3658638(155-157)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1145/3626232.3658638
Heliyanto PSafitri C(2024)Optimization of Accuracy Using Ensamble Stacking to Detect Android Malware2024 IEEE Asia Pacific Conference on Wireless and Mobile (APWiMob)10.1109/APWiMob64015.2024.10792965(50-55)Online publication date: 28-Nov-2024
https://doi.org/10.1109/APWiMob64015.2024.10792965
Chimezie Obidiagha CRahouti MHayajneh T(2024)DeepImageDroid: A Hybrid Framework Leveraging Visual Transformers and Convolutional Neural Networks for Robust Android Malware DetectionIEEE Access10.1109/ACCESS.2024.348559312(156285-156306)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3485593
Show More Cited By

Index Terms

A Data-driven Characterization of Modern Android Spyware

Recommendations

Effectiveness of Android Obfuscation on Evading Anti-malware
CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Obfuscation techniques have been conventionally used for legitimate applications, including preventing application reverse engineering, tampering and protecting intellectual property. A malware author could also leverage these benign techniques to hide ...
Smart malware detection on Android

Nowadays, because of its increased popularity, Android is target to a growing number of attacks and malicious applications, with the purpose of stealing private information and consuming credit by subscribing to premium services. Most of the current ...
Hartley's test ranked opcodes for Android malware analysis
SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks

The popularity and openness of Android platform encourage malware authors to penetrate various market places with malicious applications. As a result, malware detection has become a critical topic in security. Currently signature-based system is able to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Transactions on Management Information Systems

ACM Transactions on Management Information Systems Volume 11, Issue 1

March 2020

111 pages

ISSN:2158-656X

EISSN:2158-6578

DOI:10.1145/3380547

Editor:
Daniel Zeng
Chinese Academy of Sciences, China

Issue’s Table of Contents

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 April 2020

Accepted: 01 February 2020

Revised: 01 December 2019

Received: 01 May 2019

Published in TMIS Volume 11, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

North Atlantic Treaty Organization (NATO) Science for Peace and Security (SPS) programme
Army Research Office
Office of Naval Research

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

20
Total Citations
View Citations
2,338
Total Downloads

Downloads (Last 12 months)774
Downloads (Last 6 weeks)102

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Lim JKwok ZSoon IYong JSong Yuhao SBinte Rosley SBalachandran VVilela JSchulmann HLi N(2024)A-COPILOT: Android Covert Operation for Private Information Lifting and OTP Theft: A study on how Malware Masquerading as Legitimate Applications compromise Security and PrivacyProceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy10.1145/3626232.3658638(155-157)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1145/3626232.3658638
Heliyanto PSafitri C(2024)Optimization of Accuracy Using Ensamble Stacking to Detect Android Malware2024 IEEE Asia Pacific Conference on Wireless and Mobile (APWiMob)10.1109/APWiMob64015.2024.10792965(50-55)Online publication date: 28-Nov-2024
https://doi.org/10.1109/APWiMob64015.2024.10792965
Chimezie Obidiagha CRahouti MHayajneh T(2024)DeepImageDroid: A Hybrid Framework Leveraging Visual Transformers and Convolutional Neural Networks for Robust Android Malware DetectionIEEE Access10.1109/ACCESS.2024.348559312(156285-156306)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3485593
Nawshin FGad RUnal DAl-Ali ASuganthan P(2024)Malware detection for mobile computing using secure and privacy-preserving machine learning approaches: A comprehensive surveyComputers and Electrical Engineering10.1016/j.compeleceng.2024.109233117(109233)Online publication date: Jul-2024
https://doi.org/10.1016/j.compeleceng.2024.109233
Sushma NKiran GVinay EChavva S(2024)Spyware Alert System and Image Steganography for Military ApplicationThe Future of Artificial Intelligence and Robotics10.1007/978-3-031-60935-0_52(580-600)Online publication date: 20-Aug-2024
https://doi.org/10.1007/978-3-031-60935-0_52
Muhammad ZAnwar ZJaved ASaleem BAbbas SGadekallu T(2023)Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and DefensesTechnologies10.3390/technologies1103007611:3(76)Online publication date: 12-Jun-2023
https://doi.org/10.3390/technologies11030076
Naser MAbu Al-Haija Q(2023)Spyware Identification for Android Systems Using Fine TreesInformation10.3390/info1402010214:2(102)Online publication date: 7-Feb-2023
https://doi.org/10.3390/info14020102
Saracino ASimoni M(2023)Graph-Based Android Malware Detection and Categorization through BERT TransformerProceedings of the 18th International Conference on Availability, Reliability and Security10.1145/3600160.3605057(1-7)Online publication date: 29-Aug-2023
https://dl.acm.org/doi/10.1145/3600160.3605057
Costa LMoia V(2023)A Lightweight and Multi-Stage Approach for Android Malware Detection Using Non-Invasive Machine Learning TechniquesIEEE Access10.1109/ACCESS.2023.329660611(73127-73144)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3296606
AlMasri TAlDalaien M(2023)Detecting Spyware in Android Devices Using Random ForestProceedings of the 2023 International Conference on Advances in Computing Research (ACR’23)10.1007/978-3-031-33743-7_25(294-315)Online publication date: 27-May-2023
https://doi.org/10.1007/978-3-031-33743-7_25
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents