Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events

Ham, You Joung; Lee, Hyungwoo

doi:10.7763/ijcce.2014.v3.310

Cited by 18 publications

(6 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a similar way, the 2013 study by Sanz et al [198] trained machine learning classifiers to separate known malware and benign apps mined from Google Play. The 2014 study on identifying malicious apps using system call events, by Ham and Lee [90], also used apps from the Google Play Games category as a benign set, against which to compare.…”

Section: Malwarementioning

confidence: 99%

A Survey of App Store Analysis for Software Engineering

Martin

Sarro

Jia

et al. 2017

IIEEE Trans. Software Eng.

338

242

View full text Add to dashboard Cite

App Store Analysis studies information about applications obtained from app stores. App stores provide a wealth of information derived from users that would not exist had the applications been distributed via previous software deployment methods. App Store Analysis combines this non-technical information with technical information to learn trends and behaviours within these forms of software repositories. Findings from App Store Analysis have a direct and actionable impact on the software teams that develop software for app stores, and have led to techniques for requirements engineering, release planning, software design, security and testing. This survey describes and compares the areas of research that have been explored thus far, drawing out common aspects, trends and directions future research should take to address open problems and challenges.

show abstract

Section: Malwarementioning

confidence: 99%

A Survey of App Store Analysis for Software Engineering

Martin

Sarro

Jia

et al. 2017

IIEEE Trans. Software Eng.

338

242

View full text Add to dashboard Cite

show abstract

“…Dynamic analysis-based malware detection approaches have an advantage over static analysis-based approaches in analyzing concrete behaviors of malware [5,12,14,22,26,27,32,36,67,70,73,74,81,83,87,90]. Also, they have another advantage of analyzing malware equipped with anti-analysis mechanisms such as obfuscation.…”

Section: Detecting Android Malwarementioning

confidence: 99%

“…However, their critical limitation is that they cannot detect unknown malware because they rely on signatures of known malicious applications [66]. Therefore, the research community have been focusing on developing malware detection approaches by using a machine learning or deep learning algorithm with various features for protecting users from emerging malware [2,5,7,10,12,[14][15][16][18][19][20][21][22][23]26,27,[30][31][32][33][34][36][37][38][39][40][41][42][45][46][47][48][49][50][51]54,58,[61][62][63][64]66,67,70,[72][73][74][76]…”

Section: Introductionmentioning

confidence: 99%

MAPAS: a practical deep learning-based android malware detection system

Kim

Ban

et al. 2022

Int. J. Inf. Secur.

View full text Add to dashboard Cite

A lot of malicious applications appears every day, threatening numerous users. Therefore, a surge of studies have been conducted to protect users from newly emerging malware by using machine learning algorithms. Albeit existing machine or deep learning-based Android malware detection approaches achieve high accuracy by using a combination of multiple features, it is not possible to employ them on our mobile devices due to the high cost for using them. In this paper, we propose MAPAS, a malware detection system, that achieves high accuracy and adaptable usages of computing resources. MAPAS analyzes behaviors of malicious applications based on API call graphs of them by using convolution neural networks (CNN). However, MAPAS does not use a classifier model generated by CNN, it only utilizes CNN for discovering common features of API call graphs of malware. For efficiently detecting malware, MAPAS employs a lightweight classifier that calculates a similarity between API call graphs used for malicious activities and API call graphs of applications that are going to be classified. To demonstrate the effectiveness and efficiency of MAPAS, we implement a prototype and thoroughly evaluate it. And, we compare MAPAS with a state-of-the-art Android malware detection approach, MaMaDroid. Our evaluation results demonstrate that MAPAS can classify applications 145.8% faster and uses memory around ten times lower than MaMaDroid. Also, MAPAS achieves higher accuracy (91.27%) than MaMaDroid (84.99%) for detecting unknown malware. In addition, MAPAS can generally detect any type of malware with high accuracy.

show abstract

“…There are different approaches for Android malapp detection by analyzing apps' API. Some studies [3], [14], [19], [35], [42], [51], [55], [66], [67], [83], [96], [150], [194], [197], [198], [204], [230], [231], [233] extracted APIs as well as some other features and utilized machine learning to detect malapps. Some studies employed the APIs under certain conditions.…”

Section: ) Apimentioning

confidence: 99%

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

et al. 2019

View full text Add to dashboard Cite

The number of applications (apps) available for smart devices or Android based IoT (Internet of Things) has surged dramatically over the past few years. Meanwhile, the volume of ill-designed or malicious apps (malapps) has been growing explosively. To ensure the quality and security of the apps in the markets, many approaches have been proposed in recent years to discriminate malapps from benign ones. Machine learning is usually utilized in classification process. Accurately characterizing apps' behaviors, or so-called features, directly affects the detection results with machine learning algorithms. Android apps evolve very fast. The size of current apps has become increasingly large and the behaviors of apps have become increasingly complicated. The extracting effective and representative features from apps is thus an ongoing challenge. Although many types of features have been extracted in existing work, to the best of our knowledge, no work has systematically surveyed the features constructed for detecting Android malapps. In this paper, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features. Through the designed criteria, we collect a total of 1947 papers in which 236 papers are used for the survey with four dimensions: the features extracted, the feature selection methods employed if any, the detection methods used, and the scale of evaluation performed. Based on our in-depth survey, we highlight the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

show abstract

Detection of Malicious Android Mobile Applications Based on Aggregated System Call Events

Cited by 18 publications

References 12 publications

A Survey of App Store Analysis for Software Engineering

A Survey of App Store Analysis for Software Engineering

MAPAS: a practical deep learning-based android malware detection system

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Contact Info

Product

Resources

About