DOI: 10.1145/2791405.2791558
Research article

Two Phase Static Analysis Technique for Android Malware Detection

Published: 10 August 2015

Abstract

The growing popularity of Android-based smartphones has greatly fuelled the spread of Android malware. Further, this malware is evolving rapidly to escape traditional signature-based detection methods. Hence, there is a serious need to develop effective Android malware detection techniques. In this paper, we propose a two-phase static Android malware analysis scheme using Bloom filters. Phase I involves two different Bloom filters that classify a given sample into the malware or benign class based on the permission feature set only. Malicious samples that evade Phase I are further analyzed by Phase II, which consists of a Naïve Bayes classifier using a mixed feature set of permission-based and code-based features. Inclusion of the Phase I classification makes the technique computationally less intensive, while addition of the Phase II classification improves the overall accuracy of the proposed model. Experimental results indicate both the detection accuracy and the computational efficiency of the proposed technique.
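
An added example of the two-phase cascade the abstract describes; it is not the paper's code. Assumptions: one Bloom filter holds permission-set signatures from known malware and the other from known benign apps, a malware-only match in Phase I is final while every other sample goes to Phase II, and the feature names and training rows are constructed.

```python
import hashlib, math

class Bloom:  # bit-array Bloom filter; k indexes by double hashing SHA-256
    def __init__(self, m=1024, k=4):
        self.m, self.k, self.bits = m, k, 0
    def _idx(self, key):
        d = hashlib.sha256(key.encode()).digest()
        h1, h2 = int.from_bytes(d[:8], "big"), int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]
    def add(self, key):
        for i in self._idx(key):
            self.bits |= 1 << i
    def __contains__(self, key):
        return all((self.bits >> i) & 1 for i in self._idx(key))

def sig(perms):
    return "|".join(sorted(perms))  # canonical key for a permission set

def train_nb(rows, vocab):
    """Bernoulli Naive Bayes with Laplace smoothing; rows = [(features, label)]."""
    model = {}
    for label in ("malware", "benign"):
        sel = [f for f, l in rows if l == label]
        probs = {v: (sum(v in f for f in sel) + 1) / (len(sel) + 2) for v in vocab}
        model[label] = (math.log(len(sel) / len(rows)), probs)
    return model

def nb_predict(model, feats):
    def score(label):
        prior, p = model[label]
        return prior + sum(math.log(p[v] if v in feats else 1 - p[v]) for v in p)
    return max(model, key=score)

# Constructed training rows: (permissions, code features, label)
TRAIN = [
    ({"SEND_SMS", "READ_CONTACTS", "INTERNET"}, {"api:sendTextMessage", "api:DexClassLoader"}, "malware"),
    ({"RECEIVE_SMS", "INTERNET", "READ_PHONE_STATE"}, {"api:getDeviceId", "api:Runtime.exec"}, "malware"),
    ({"INTERNET", "ACCESS_NETWORK_STATE"}, {"api:HttpURLConnection"}, "benign"),
    ({"CAMERA", "INTERNET"}, {"api:Camera.open"}, "benign"),
]
MAL_BF, BEN_BF = Bloom(), Bloom()
for perms, _, label in TRAIN:
    (MAL_BF if label == "malware" else BEN_BF).add(sig(perms))
NB = train_nb([(p | c, l) for p, c, l in TRAIN], set().union(*(p | c for p, c, _ in TRAIN)))

def classify(perms, code_feats):
    # Phase I (assumed rule): a malware-only permission match is final; else Phase II.
    key = sig(perms)
    if key in MAL_BF and key not in BEN_BF:
        return "malware", "phase1"
    return nb_predict(NB, perms | code_feats), "phase2"
```

The second return value shows which phase decided, so a sample whose permission set matches a benign signature but whose code features look malicious is resolved by the Naïve Bayes stage rather than by the filters.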


    Published In

    WCI '15: Proceedings of the Third International Symposium on Women in Computing and Informatics
    August 2015
    763 pages
    ISBN: 9781450333610
    DOI: 10.1145/2791405
    © 2015 Association for Computing Machinery. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of a national government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

    Publisher

    Association for Computing Machinery

    New York, NY, United States


    Author Tags

    1. Android malware detection
    2. Bloom Filter
    3. Machine learning

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    WCI '15

    Acceptance Rates

    WCI '15 Paper Acceptance Rate 98 of 452 submissions, 22%;
    Overall Acceptance Rate 98 of 452 submissions, 22%
