An Android Application Sandbox system for suspicious software detection

Bläsing, Thomas; Batyuk, Leonid; Schmidt, Aubrey-Derrick; Camtepe, Seyit; Albayrak, Şahin

doi:10.1109/malware.2010.5665792

Cited by 336 publications

(172 citation statements)

References 14 publications

Supporting

Mentioning

163

Contrasting

Unclassified

Order By: Relevance

“…Several works such as [6]- [12] apply static analysis for detection of Android malware. Grace et al proposed RiskRanker [6] for automated risk assessment and app profiling in order to police Android markets.…”

Section: Related Workmentioning

confidence: 99%

“…AndroidLeaks [9], SCANDAL [10], and the approach presented in [11] are frameworks that detect privacy information leakage based on static analysis. Furthermore, in [12], the Android Application Sandbox (AAS) is proposed by Blasing et al AAS uses both static and dynamic analysis, where the static analysis part is based on matching 5 different patterns from decompiled code. Static analysis also provides the basis for the heuristic engine proposed in [2] for detecting Android malware using 39 different flags.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

High accuracy android malware detection using ensemble learning

Yerima

Sezer

Muttik³

2015

IET Information Security

158

View full text Add to dashboard Cite

Abstract-With over 50 billion downloads and more than 1.3 million apps in Google's official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detecting unknown malware, alternatives are needed for timely zero-day discovery. Thus this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The machine learning models are built using a large repository of malware samples and benign apps from a leading antivirus vendor.Experimental results and analysis presented shows that the proposed method which uses a large feature space to leverage the power of ensemble learning is capable of 97.3 % to 99% detection accuracy with very low false positive rates.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

High accuracy android malware detection using ensemble learning

Yerima

Sezer

Muttik³

2015

IET Information Security

158

View full text Add to dashboard Cite

show abstract

“…Sandboxing is the process of creating an isolated computer environment, typically through virtualisation, to test untrusted operations such as those observed in unverified and untested code or programs. It has been effectively implemented as a security solution in various fields of computing, from specific code platforms [Leroy 2001] to browser systems [Barth et al 2008], and in the field of smartphone security to improve defence against malicious software [Blasing et al 2010]. Proprietary applications, such as Adobe Acrobat X, have also implemented their own sandbox engine for enhanced security [Xiao and Zhao 2013].…”

Section: Technicalmentioning

confidence: 99%

“…Through taxonomic research and development, defence systems have employed techniques that analyse relationships between application behaviour and response (sandboxing [Blasing et al 2010;Greamo and A.Ghosh 2011], dynamic anomaly based scanning [Tavallaee et al 2010] etc.). These systems have enabled dynamic and proactive response to security threats on multiple technical platforms, from mobile to desktop operating systems.…”

Section: Introductionmentioning

confidence: 99%

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

2015

View full text Add to dashboard Cite

Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed websites and scareware to name a few. This paper presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial.

show abstract

“…The approach is based on a probabilistic diffusion scheme using device usage patterns [1]. The Android Application Sandbox [4] has also been used for both static and dynamic analysis on Android programs and for detecting suspicious applications automatically based on the collaborative detection [20]. This assumes that if the neighbours of a device are infected, the device itself is likely to be infected.…”

Section: General Mobile Malware Detection Techniquesmentioning

confidence: 99%

MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Meng

Spanoudakis

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

This is the accepted version of the paper.This version of the publication may differ from the final published version. Abstract. As the use of mobile devices spreads dramatically, hackers have started making use of mobile botnets to steal user information or perform other malicious attacks. To address this problem, in this paper we propose a mobile botnet detection system, called MBotCS. MBotCS can detect mobile device traffic indicative of the presence of a mobile botnet based on prior training using machine learning techniques. Our approach has been evaluated using real mobile device traffic captured from Android mobile devices, running normal apps and mobile botnets. In the evaluation, we investigated the use of 5 machine learning classifier algorithms and a group of machine learning box algorithms with different validation schemes. We have also evaluated the effect of our approach with respect to its effect on the overall performance and battery consumption of mobile devices. Permanent repository link

show abstract

An Android Application Sandbox system for suspicious software detection

Cited by 336 publications

References 14 publications

High accuracy android malware detection using ensemble learning

High accuracy android malware detection using ensemble learning

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Contact Info

Product

Resources

About