Igor Muttik scite author profile

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.Comment: IEEE 27th International Conference on Advanced Information Networking and Applications (AINA 2013),pp.121-128, 25-28 March 201

show abstract

High accuracy android malware detection using ensemble learning

Yerima

Sezer

Muttik³

2015

IET Information Security

157

View full text Add to dashboard Cite

Abstract-With over 50 billion downloads and more than 1.3 million apps in Google's official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detecting unknown malware, alternatives are needed for timely zero-day discovery. Thus this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The machine learning models are built using a large repository of malware samples and benign apps from a leading antivirus vendor.Experimental results and analysis presented shows that the proposed method which uses a large feature space to leverage the power of ensemble learning is capable of 97.3 % to 99% detection accuracy with very low false positive rates.

show abstract

Android Malware Detection Using Parallel Machine Learning Classifiers

Yerima¹,

Sezer²,

Muttik³

2014

View full text Add to dashboard Cite

Abstract-Mobile malware has continued to grow at an alarming rate despite on-going mitigation efforts. This has been much more prevalent on Android due to being an open platform that is rapidly overtaking other competing platforms in the mobile smart devices market. Recently, a new generation of Android malware families has emerged with advanced evasion capabilities which make them much more difficult to detect using conventional methods. This paper proposes and investigates a parallel machine learning based classification approach for early detection of Android malware. Using real malware samples and benign applications, a composite classification model is developed from parallel combination of heterogeneous classifiers. The empirical evaluation of the model under different combination schemes demonstrates its efficacy and potential to improve detection accuracy. More importantly, by utilizing several classifiers with diverse characteristics, their strengths can be harnessed not only for enhanced Android malware detection but also quicker white box analysis by means of the more interpretable constituent classifiers.

show abstract

Android malware detection: An eigenspace analysis approach

Yerima¹,

Sezer²,

Muttik³

2015

View full text Add to dashboard Cite

The battle to mitigate Android malware has become more critical with the emergence of new strains incorporating increasingly sophisticated evasion techniques, in turn necessitating more advanced detection capabilities. Hence, in this paper we propose and evaluate a machine learning based approach based on eigenspace analysis for Android malware detection using features derived from static analysis characterization of Android applications. Empirical evaluation with a dataset of real malware and benign samples show that detection rate of over 96% with a very low false positive rate is achievable using the proposed method.

show abstract

Cloud security technologies

Muttik¹,

Barton²

2009

Information Security Technical Report

View full text Add to dashboard Cite

Detecting Malicious Collusion Between Mobile Software Applications: The Android TM Case

Asavoae

Blasco

Kalutarage

et al. 2017

View full text Add to dashboard Cite

Malware has been a major problem in desktop computing for decades. With the recent trend towards mobile computing, malware is moving rapidly to mobile platforms. "Total mobile malware has grown 151% over the past year", according to McAfee's quarterly threat report from September 2016. By design, Android is 'open' to download apps from different sources. Its security depends on restricting apps by combining digital signatures, sand-boxing, and permissions. Unfortunately, these restrictions can be bypassed, without the user noticing, by colluding apps for which combined permissions allow them to carry out attacks. In this chapter we report on recent and ongoing research results from our ACID project which suggest a number of reliable means to detect collusion, tackling the aforementioned problems. We present our conceptual work on the topic of collusion and discuss a number of automated tools arising from it.

show abstract

Detection of app collusion potential using logic programming

Blasco

Muttik²,

Roggenbach

2018

Journal of Network and Computer Applications

View full text Add to dashboard Cite

Android is designed with a number of built-in security features such as app sandboxing and permission-based access controls. Android supports multiple communication methods for apps to cooperate. This creates a security risk of app collusion. For instance, a sandboxed app with permission to access sensitive data might leak that data to another sandboxed app with access to the internet. In this paper, we present a method to detect potential collusion between apps. First, we extract from apps all information about their accesses to protected resources and communications. Then we identify sets of apps that might be colluding by using rules in first order logic codified in Prolog. After these, more computationally demanding approaches like taint analysis can focus on the identified sets that show collusion potential. This "filtering" approach is validated against a dataset of manually crafted colluding apps. We also demonstrate that our tool scales by running it on a set of more than 50,000 apps collected in the wild. Our tool allowed us to detect a large set of real apps that used collusion as a synchronization method to maximize the effects of a payload that was injected into all of them via the same SDK.

show abstract

Big Bad Botnets

Harley

Vibert²,

Bechtel³

et al. 2007

View full text Add to dashboard Cite

12 3

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Igor Muttik

A New Android Malware Detection Approach Using Bayesian Classification

High accuracy android malware detection using ensemble learning

Android Malware Detection Using Parallel Machine Learning Classifiers

Android malware detection: An eigenspace analysis approach

Cloud security technologies

Detecting Malicious Collusion Between Mobile Software Applications: The Android TM Case

Detection of app collusion potential using logic programming

Big Bad Botnets

Contact Info

Product

Resources

About