Analysis and Evaluation of SafeDroid v2.0, a Framework for Detecting Malicious Android Applications

Argyriou, Marios; Dragoni, Nicola; Spognardi, Angelo

doi:10.1155/2018/4672072

Cited by 4 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [21][22][23][24][25][26], the researchers used machine learning and data mining theory to extract, classify, evaluate, and detect known malicious features, and they provided a direction for further research on permission and API for detecting malicious applications. DroidCat [27] and SafeDroid v2.0 [28] contributed to query strategy, active learning, and simplifying malicious features, while DroidDeep [29] contributed to static feature collection and selection. Androdect [30] constructed the dataset of the component, key function call, and system call based on the feature extraction of the component, function call, and system call; moreover, it used the three-layer hybrid ensemble algorithm for detection.…”

Section: Malware Detection Methodmentioning

confidence: 99%

Multifeature-Based Behavior of Privilege Escalation Attack Detection Method for Android Applications

Shen

Wang³

et al. 2020

Mobile Information Systems

View full text Add to dashboard Cite

This study proposed an application behavior-detection method based on multifeature and process algebra for detecting privilege escalation attacks in Android applications. The five features of application that constituted the attack were determined through an analysis of the privilege escalation attack model. On the basis of the extraction of multiple features, process algebra was used to build the application-behavior model and the attack model. Strong equivalence relation was used to verify the application behavior. Finally, dataflow path detection is conducted among the applications that can constitute privilege escalation attacks to determine those apps constituted a privilege escalation attack. The accuracy and effectiveness of the proposed method were verified using the DroidBench benchmark test and the test set that includes 55 APKs of 22 types.

show abstract

Section: Malware Detection Methodmentioning

confidence: 99%

Multifeature-Based Behavior of Privilege Escalation Attack Detection Method for Android Applications

Shen

Wang³

et al. 2020

Mobile Information Systems

View full text Add to dashboard Cite

show abstract

“…Other attempts such as CHEX [26], SafeDroid [27], AnaDroid [28], ScanDal [29], DroidEnsemble [30], DroidSieve [31], COVA [32] AndroDialysis [33], DroidNative [34], Vulvet [35] and many others; were all limited by the inclination of static analysis and the possibility of malware hiding its malicious act until runtime or using dynamic load, or any other anti-analysis techniques explained in section 5. Researchers in [36] detected the presence of malware using power consumption data.…”

Section: Static Analysismentioning

confidence: 99%

“…SafeDroid [27] is a client-server based antivirus for the android apps which scans the apps and then assigns a label to them based on its signature matching technique which is run by a remote module of the SafeDroid. The client module installed on a device reads the required information from the dex file and sends data to remote service which classify if the app is malicious or not.…”

Section: Static Analysismentioning

confidence: 99%

A Critical Analysis on Android Vulnerabilities, Malware, Anti-malware and Anti-malware Bypassing

Alrammal¹,

Alrammal²,

Naveed³

et al. 2022

Journal of Internet Technology

View full text Add to dashboard Cite

<p>Android has become the dominant operating system for portable devices, making it a valuable asset that needs protection. Though Android is very popular; it has several vulnerabilities which attackers use for malicious intents. In this paper, we present a comprehensive study on the threats in Android OS that various malware developers exploit and the different malware functionality based on Android’s threats. Furthermore, we analyze and evaluate the anti-malware approaches implemented to face the malware functionalities. Finally, we analyze and categorize malware developers’ most common anti-analysis techniques to evade anti-malware approaches. It comes to our attention that many papers covered each topic separately; however, we could not find one comprehensive study that covers Android with such details that it could be used as a research handbook on Android malware. This is the main novelty and contribution of this work.</p> <p> </p>

show abstract

Taxonomy-Based Intelligent Malware Detection Framework

Mirza

Hussain

Awan

et al. 2019

2019 IEEE Global Communications Conference (GLOBECOM)

View full text Add to dashboard Cite

Timely detection of a malicious piece of code accurately, in an enterprise network or in an individual device, before it propagates and mutate itself, is one of the most challenging tasks in the domain of cyber security. Millions of variants of each latest malware are released every day and each of these variants have a unique static signature. Conventional anti-malware tools use signatures and static heuristics of malware to segregate them from legitimate files, which is not an effective technique because of the number of malware variants released every passing day. To overcome the fundamental flaw of operational techniques, we propose a framework that generalizes the static and dynamic malware features that are used to train multiple machine learning algorithms. The generalization of clean and malicious features enables the framework to accurately differentiate between clean and malicious files.

show abstract

Analysis and Evaluation of SafeDroid v2.0, a Framework for Detecting Malicious Android Applications

Cited by 4 publications

References 17 publications

Multifeature-Based Behavior of Privilege Escalation Attack Detection Method for Android Applications

Multifeature-Based Behavior of Privilege Escalation Attack Detection Method for Android Applications

A Critical Analysis on Android Vulnerabilities, Malware, Anti-malware and Anti-malware Bypassing

Taxonomy-Based Intelligent Malware Detection Framework

Contact Info

Product

Resources

About