MOCDroid: multi-objective evolutionary classifier for Android malware detection

Martín, Alfonso Jiménez; Menéndez, Héctor D.; Camacho, David

doi:10.1007/s00500-016-2283-y

Cited by 72 publications

(36 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Martín et al [34] illustrated outsider calls to sidestep the impacts of these disguise methodologies since they can't be obfuscated. We join bunching and multi-target advancement to produce a classifier in view of particular practices characterized by outsider call bunches.…”

Section: Review Of the Signature-based Approachesmentioning

confidence: 99%

A state-of-the-art survey of malware detection approaches using data mining techniques

Souri

Hosseini

2018

Hum. Cent. Comput. Inf. Sci.

305

166

View full text Add to dashboard Cite

Data mining techniques have been concentrated for malware detection in the recent decade. The battle between security analyzers and malware scholars is everlasting as innovation grows. The proposed methodologies are not adequate while evolutionary and complex nature of malware is changing quickly and therefore turn out to be harder to recognize. This paper presents a systematic and detailed survey of the malware detection mechanisms using data mining techniques. In addition, it classifies the malware detection approaches in two main categories including signature-based methods and behavior-based detection. The main contributions of this paper are: (1) providing a summary of the current challenges related to the malware detection approaches in data mining, (2) presenting a systematic and categorized overview of the current approaches to machine learning mechanisms, (3) exploring the structure of the significant methods in the malware detection approach and (4) discussing the important factors of classification malware approaches in the data mining. The detection approaches have been compared with each other according to their importance factors. The advantages and disadvantages of them were discussed in terms of data mining models, their evaluation method and their proficiency. This survey helps researchers to have a general comprehension of the malware detection field and for specialists to do consequent examinations.

show abstract

Section: Review Of the Signature-based Approachesmentioning

confidence: 99%

A state-of-the-art survey of malware detection approaches using data mining techniques

Souri

Hosseini

2018

Hum. Cent. Comput. Inf. Sci.

305

166

View full text Add to dashboard Cite

show abstract

“…However, such outsider calls provide essential information for software analysis and should be obfuscated. For example, Martín et al (2017) showed that the function calls of third-party libraries are very effective for signature-based malware detection (Souri and Hosseini 2018). To obfuscate such information, Collberg et al (1997) suggested substituting common patterns of function invocation with less obvious ones.…”

Section: Code Diversificationmentioning

confidence: 99%

Layered obfuscation: a taxonomy of software obfuscation techniques for layered security

Zhou

Jiang

et al. 2020

Cybersecur

View full text Add to dashboard Cite

Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation. Our concept is based on the fact that real-world software is usually complicated. Merely applying one or several obfuscation approaches in an ad-hoc way cannot achieve good obscurity. Layered obfuscation, on the other hand, aims to mitigate the risks of reverse software engineering by integrating different obfuscation techniques as a whole solution. In the paper, we conduct a systematic review of existing obfuscation techniques based on the idea of layered obfuscation and develop a novel taxonomy of obfuscation techniques. Following our taxonomy hierarchy, the obfuscation strategies under different branches are orthogonal to each other. In this way, it can assist developers in choosing obfuscation techniques and designing layered obfuscation solutions based on their specific requirements.

show abstract

“…In [74], a static analysis framework called MOC-Droid has been proposed to discriminate malware and benign-ware. A semantic intention has been extracted from third-party API call combinations (Import terms) and two sub-models that keep only relevant behaviours for malware and benign applications have been created.…”

Section: Code-based Featuresmentioning

confidence: 99%

“…Each of DexClassLoader and Crypto APIs have been used in [77]. Also, other features such as Import terms were used in [74]. Moreover, the method calls and function arguments and instructions were used in [78].…”

Section: Code-based Featuresmentioning

confidence: 99%

The Android malware detection systems between hope and reality

2019

View full text Add to dashboard Cite

The widespread use of Android-based smartphones made it an important target for malicious applications' developers. So, a large number of frameworks have been proposed to tackle the huge number of daily published malwares. Despite there are many review papers that have been conducted in order to shed light on the works that achieved in Android malware analysing domain, the number of conducted review papers do not fit with the importance of this research field and with the volume of achieved works. Also, there is no comprehensive taxonomy for all research trends in the field of analysing malicious applications targeting the Android system. Furthermore, none of the existing review papers contains a schematic model that makes it easy for the reader to know the methods and methodologies used in a particular field of research without much effort. This paper aims at proposing a comprehensive taxonomy and suggesting a new schematic review approach. To this end, a review of a large number of works that achieved between 2009 and 2019 has been conducted. The achieved study includes more than 200 papers that have different goals such as apps' behaviour analysis, automatic user interface triggers or packer/unpacker frameworks development. Also, a comprehensive taxonomy has been proposed so that most of the previous works can be classified under it. To the best of our knowledge, the suggested taxonomy is the widest and the most comprehensive in terms of the covered research trends. Moreover, we have proposed a detailed schematic model (called Schematic Review Model) illustrates the process of detecting the malignant applications of an Android in the light of the studied works and the proposed taxonomy. To our knowledge, this is the first time that the Android malware detection methods have been explained in this way with this amount of detail. Furthermore, the studied researches have been analysed according to multiple criteria such as used analysing method, used features, used detection method, and used dataset. Also, the features used in the studied works were discussed in detail by dividing it into multiple classes. Moreover, the challenges facing Android's malware analysing methods were discussed in detail. Finally, it has been concluded that there are gaps between the size and the goal of the conducted works and the number of malicious apps published every day, so some future works areas have been proposed and discussed.

show abstract

MOCDroid: multi-objective evolutionary classifier for Android malware detection

Cited by 72 publications

References 24 publications

A state-of-the-art survey of malware detection approaches using data mining techniques

A state-of-the-art survey of malware detection approaches using data mining techniques

Layered obfuscation: a taxonomy of software obfuscation techniques for layered security

The Android malware detection systems between hope and reality

Contact Info

Product

Resources

About