“…Several works such as [6]-[12] apply static analysis for detection of Android malware. Grace et al. proposed RiskRanker [6] for automated risk assessment and app profiling in order to police Android markets.…”
Section: Related Work (mentioning)
confidence: 99%
“…AndroidLeaks [9], SCANDAL [10], and the approach presented in [11] are frameworks that detect privacy information leakage based on static analysis. Furthermore, in [12], the Android Application Sandbox (AAS) is proposed by Blasing et al. AAS uses both static and dynamic analysis, where the static analysis part is based on matching 5 different patterns from decompiled code. Static analysis also provides the basis for the heuristic engine proposed in [2] for detecting Android malware using 39 different flags.…”
Abstract: With over 50 billion downloads and more than 1.3 million apps in Google's official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detecting unknown malware, alternatives are needed for timely zero-day discovery. Thus this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The machine learning models are built using a large repository of malware samples and benign apps from a leading antivirus vendor. Experimental results and analysis presented show that the proposed method, which uses a large feature space to leverage the power of ensemble learning, is capable of 97.3% to 99% detection accuracy with very low false positive rates.
“…Sandboxing is the process of creating an isolated computer environment, typically through virtualisation, to test untrusted operations such as those observed in unverified and untested code or programs. It has been effectively implemented as a security solution in various fields of computing, from specific code platforms [Leroy 2001] to browser systems [Barth et al 2008], and in the field of smartphone security to improve defence against malicious software [Blasing et al 2010]. Proprietary applications, such as Adobe Acrobat X, have also implemented their own sandbox engine for enhanced security [Xiao and Zhao 2013].…”
Section: Technical (mentioning)
confidence: 99%
“…Through taxonomic research and development, defence systems have employed techniques that analyse relationships between application behaviour and response (sandboxing [Blasing et al 2010; Greamo and A. Ghosh 2011], dynamic anomaly based scanning [Tavallaee et al 2010] etc.). These systems have enabled dynamic and proactive response to security threats on multiple technical platforms, from mobile to desktop operating systems.…”
Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed websites and scareware to name a few. This paper presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial.
“…The approach is based on a probabilistic diffusion scheme using device usage patterns [1]. The Android Application Sandbox [4] has also been used for both static and dynamic analysis on Android programs and for detecting suspicious applications automatically based on the collaborative detection [20]. This assumes that if the neighbours of a device are infected, the device itself is likely to be infected.…”
Section: General Mobile Malware Detection Techniques (mentioning)
This is the accepted version of the paper. This version of the publication may differ from the final published version. Abstract. As the use of mobile devices spreads dramatically, hackers have started making use of mobile botnets to steal user information or perform other malicious attacks. To address this problem, in this paper we propose a mobile botnet detection system, called MBotCS. MBotCS can detect mobile device traffic indicative of the presence of a mobile botnet based on prior training using machine learning techniques. Our approach has been evaluated using real mobile device traffic captured from Android mobile devices, running normal apps and mobile botnets. In the evaluation, we investigated the use of 5 machine learning classifier algorithms and a group of machine learning box algorithms with different validation schemes. We have also evaluated the effect of our approach with respect to its effect on the overall performance and battery consumption of mobile devices.