Machine learning-assisted signature and heuristic-based detection of malwares in Android devices

Rehman, Zahoor Ur; Khan, Safi Ullah; Muhammad, Khan; Lee, Jong Weon; Lv, Zhihan; Shah, Peer Azmat; Awan, Khalid Mahmood; Mehmood, Irfan

doi:10.1016/j.compeleceng.2017.11.028

Cited by 84 publications

(28 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…If the expressions and constraints of an application are in this rule library, this application will be considered as a malicious application. For example, to reduce the high false- [15], [16], [27], [28], [29], [30], [31], [32], [33], [34], [35], [36], [37], [39], [40], [41], [42], [43], [44], [45], [46], [47], [48], [49], [50], [51], [52], [53], [54], [55], [56], [57], [58], [59], [60], [61], [62], [63], [64], [94], [95], [98], [99], [100], [101], [102], [105], [109], [111],…”

Section: ) Publication Sourcementioning

confidence: 99%

A Systematic Literature Review of Android Malware Detection Using Static Analysis

et al. 2020

View full text Add to dashboard Cite

Android malware has been in an increasing trend in recent years due to the pervasiveness of Android operating system. Android malware is installed and run on the smartphones without explicitly prompting the users or without the user's permission, and it poses great threats to users such as the leakage of personal information and advanced fraud. To address these threats, various techniques are proposed by researchers and practitioners. Static analysis is one of these techniques, which is widely applied to Android malware detection and can detect malware quickly and prohibit malware before installation. To provide a clarified overview of the latest work in Android malware detection using static analysis, we perform a systematic literature review by identifying 98 studies from January 2014 to March 2020. Based on the features of applications, we first divide static analysis in Android malware detection into four categories, which include Android characteristic-based method, opcode-based method, program graph-based method, and symbolic execution-based method. Then we assess the malware detection capability of static analysis, and we compare the performance of different models in Android malware detection by analyzing the results of empirical evidence. Finally, it is concluded that static analysis is effective to detect Android malware. Moreover, there is a preliminary result that neural network model outperforms the non-neural network model in Android malware detection. However, static analysis still faces many challenges. Thus, it is necessary to derive some novel techniques for improving Android malware detection based on the current research community. Moreover, it is essential to establish a unified platform that is used to evaluate the performance of a series of techniques in Android malware detection fairly. INDEX TERMS Android malware detection, static analysis, systematic literature review.

show abstract

Section: ) Publication Sourcementioning

confidence: 99%

A Systematic Literature Review of Android Malware Detection Using Static Analysis

et al. 2020

View full text Add to dashboard Cite

show abstract

“…They utilized broadcast receivers as one of the features for malapp detection, and compared them with the Android broadcast events. Rehman et al [217] proposed framework considering both signature and heuristic-based analysis for detecting Android apps. During static analysis, they extracted some representative features including providers' and receivers' information.…”

Section: ) App Componentmentioning

confidence: 99%

“…Dam et al [84] constructed API call graph from the CFG by applying a kind of control point reachability analysis on the CFG, to carry out further experiments. Rehman et al [217] utilized malware evolution attack and malware confusion attack to enhance feasibility of the attacks. They applied these two strategies for their presented Malware Recomposition Variation (MRV).…”

Section: ) Cfgmentioning

confidence: 99%

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

et al. 2019

View full text Add to dashboard Cite

The number of applications (apps) available for smart devices or Android based IoT (Internet of Things) has surged dramatically over the past few years. Meanwhile, the volume of ill-designed or malicious apps (malapps) has been growing explosively. To ensure the quality and security of the apps in the markets, many approaches have been proposed in recent years to discriminate malapps from benign ones. Machine learning is usually utilized in classification process. Accurately characterizing apps' behaviors, or so-called features, directly affects the detection results with machine learning algorithms. Android apps evolve very fast. The size of current apps has become increasingly large and the behaviors of apps have become increasingly complicated. The extracting effective and representative features from apps is thus an ongoing challenge. Although many types of features have been extracted in existing work, to the best of our knowledge, no work has systematically surveyed the features constructed for detecting Android malapps. In this paper, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features. Through the designed criteria, we collect a total of 1947 papers in which 236 papers are used for the survey with four dimensions: the features extracted, the feature selection methods employed if any, the detection methods used, and the scale of evaluation performed. Based on our in-depth survey, we highlight the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

show abstract

“…This approach gains maximum points based upon some situations [6][7][8] Henceforth this approach similar to the evaluation process with the answer key where predication is based on experience from various levels. The agent will get rewards from many obstacles between him succeeding in his levels as shown in Figure 1.…”

Section: Reinforcement Learningmentioning

confidence: 99%

A Machine Learning approach for analyzing and detecting Android malicious applications

Raymond¹

2020

IJATCSE

View full text Add to dashboard Cite

Android applications are available in the google cloud apps market. Starting from the normal functionalities like calling, messaging, and camera to advanced functionalities like online banking, online shopping, there is no limit to how we can make use of mobile phones. Just like there is no limit to functionalities of the mobile phone, there is no limit to the amount of information available on mobile phones. When you say information, it is confidential information including personal information, username, and password and card details. There are already many cases reported about information leakage by compromising a mobile phone. The important point to be noticed here is that the medium through which mobile phones are providing these functionalities, and that medium is called an application. There are millions of applications in the Play Store and App Store which come with different functionalities. The only way to stop this problem is by stopping the user from downloading malicious applications from the Play Store. But the main challenge in this solution leads to a question, which is "how the user will distinguish between a malicious application and benign application". There are millions of applications in play Store and considering play Store is a trusted media, it is very unlikely to raise any suspicion over an application to a normal user. We propose a novel approach to perform static and dynamic analysis of malicious payload and compare it with the genuine application.

show abstract

Machine learning-assisted signature and heuristic-based detection of malwares in Android devices

Cited by 84 publications

References 4 publications

A Systematic Literature Review of Android Malware Detection Using Static Analysis

A Systematic Literature Review of Android Malware Detection Using Static Analysis

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

A Machine Learning approach for analyzing and detecting Android malicious applications

Contact Info

Product

Resources

About