
FAMOUS

Published: 01 June 2018

Abstract

With the emergence of Android as a leading operating system for mobile devices, it has become mandatory to develop specialized, predictive and robust security measures that provide a dependable environment for users. Extant reactive and proactive security techniques would not be enough to tackle the fast-growing security challenges in the Android environment. This paper proposes a predictive forensic approach to detect suspicious Android applications. An in-depth study of the statistical properties of the permissions used by malicious and benign Android applications has been performed. Based on the results of this study, a weighted score-based feature set has been created, which is used to build a predictive and lightweight malware detector for Android devices. In various experiments conducted on this feature set, an improved accuracy level of 99% has been achieved with a Random Forest classifier. The trained model has been used to build a forensic tool entitled FAMOUS (Forensic Analysis of MObile devices Using Scoring of application permissions), which is able to scan all the installed applications of an attached device and provide a descriptive report.

  • Presents statistical properties of permission patterns, size and file count in malicious and benign Android applications.
  • Provides a score-based feature set built with the permissions present in malware and benign Android applications.
  • A machine learning based predictive classifier is built to detect maliciousness of Android applications.
  • A forensic GUI tool, FAMOUS, is built with the best performing machine learning classifier to triage suspicious applications.

Cited By

  • (2024) Evaluating the Privacy and Security Implications of AI-Based Medical Chatbots on Android Platforms. Hybrid Artificial Intelligent Systems, pp. 26-38. DOI: 10.1007/978-3-031-74186-9_3. Online publication date: 9-Oct-2024
  • (2022) MAPAS: a practical deep learning-based android malware detection system. International Journal of Information Security, 21:4, pp. 725-738. DOI: 10.1007/s10207-022-00579-6. Online publication date: 1-Aug-2022
  • (2020) Semantic-aware Comment Analysis Approach for API Permission Mapping on Android. Proceedings of the 4th International Conference on Natural Language Processing and Information Retrieval, pp. 61-69. DOI: 10.1145/3443279.3443312. Online publication date: 18-Dec-2020

Information

Published In

Future Generation Computer Systems, Volume 83, Issue C
June 2018
449 pages

Publisher

Elsevier Science Publishers B. V.

Netherlands

Author Tags

  1. Android malware triage
  2. Apk permissions
  3. Forensic triage tool
  4. Machine learning
  5. Static analysis
  6. Weighted feature

Qualifiers

  • Research-article
