NATICUSdroid: A malware detection framework for Android using native and custom permissions

Mathur, Akshay; Podila, Laxmi Mounika; Kulkarni, Keyur; Niyaz, Quamar; Javaid, Ahmad Y.

doi:10.1016/j.jisa.2020.102696

Cited by 32 publications

(25 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…An innovative malware detection framework for Android has looked into more than 29,000 benign and malware apps in the period 2010 to 2019 to identify the most significant permissions [16]. The authors evaluated eight ML algorithms and founds that the Random Forest classifier based model performed best…”

Section: Related Workmentioning

confidence: 99%

Android Malware Detection using Feature Ranking of Permissions

Saleem¹,

Mišić²,

Mišić³

2022

Preprint

View full text Add to dashboard Cite

We investigate the use of Android permissions as the vehicle to allow for quick and effective differentiation between benign and malware apps. To this end, we extract all Android permissions, eliminating those that have zero impact, and apply two feature ranking algorithms namely Chi-Square test and Fisher's Exact test to rank and additionally filter them, resulting in a comparatively small set of relevant permissions. Then we use Decision Tree, Support Vector Machine, and Random Forest Classifier algorithms to detect malware apps. Our analysis indicates that this approach can result in better accuracy and Fscore value than other reported approaches. In particular, when random forest is used as the classifier with the combination of Fisher's Exact test, we achieve 99.34% in accuracy and 92.17% in F-score with the false positive rate of 0.56% for the dataset in question, with results improving to 99.82% in accuracy and 95.28% in F-score with the false positive rate as low as 0.05% when only malware from three most popular malware families are considered.

show abstract

Section: Related Workmentioning

confidence: 99%

Android Malware Detection using Feature Ranking of Permissions

Saleem¹,

Mišić²,

Mišić³

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Mathur et al [27] presented a malware detection framework for Android called NATICUSdroid, which investigated and classified benign and malware using statistically selected native and custom Android permissions as features for various ML classifiers. However, these approaches were limited to only mobile resources for its processing and classification.…”

Section: Related Workmentioning

confidence: 99%

“…In the case of static, a receiver is specified in the AndroidManifest.xml and has an identical lifetime to the app. The receiver utilizes a callback approach i.e., BroadcastReceiver.onReceive(), to override SDK calls [27].…”

Section: B Data Protection Servicementioning

confidence: 99%

Privacy Protection Framework for Android

et al. 2022

View full text Add to dashboard Cite

The increase in popularity and users of the Android platform in recent years has led to a lot of innovative and smart Android applications (apps). Many of these apps are highly interactive, customizable, and require user data to provide services. While being convenient, user privacy is the primary concern. It is not guaranteed that these apps are not storing user data for their need or scrapping algorithms through them. Android uses the system of permissions to provide security and protect user data. The user can grant permission for requested resources either at runtime or during the installation process. However, this system is often misused in practice by demanding extra permissions that are not required to provide services. These kinds of apps stop functioning if all permissions are not granted to them. Therefore, in this paper, a privacy preserved secure framework is proposed to prevent an app from stealing user data by restricting all unnecessary permissions. Unnecessary permissions are recognized by predicting the permissions required by a given app by using collaborative filtering and frequent permission set mining algorithms. Thus, the proposed model interacts with the target application and modifies the permission data inside. Experimental results reveal that the proposed model not only protects the user data but also ensures the proper functioning of the given application.

show abstract

“…Three other Android malware that emerged in 2010 included SMSReplicator, Geinimi, and Fakeplayer [45]. Both AndroidOS.DroidSMS.A and the Tap Snake game did not infect many devices, because the attack vectors were limited due to a lack of cross-platform propagation ability.…”

Section: B Evolution Of Android Malwarementioning

confidence: 99%

Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies

Ashawa

Morris

2021

JISCR

View full text Add to dashboard Cite

The open-source and popularity of Android attracts hackers and has multiplied security concerns targeting devices. As such, malware attacks on Android are one of the security challenges facing society. This paper presents an analysis of mobile malware evolution between 2000-2020. The paper presents mobile malware types and in-depth infection strategies malware deploys to infect mobile devices. Accordingly, factors that restricted the fast spread of early malware and those that enhance the fast propagation of recent malware are identified. Moreover, the paper discusses and classifies mobile malware based on privilege escalation and attack goals. Based on the reviewed survey papers, our research presents recommendations in the form of measures to cope with emerging security threats posed by malware and thus decrease threats and malware infection rates. Finally, we identify the need for a critical analysis of mobile malware frameworks to identify their weaknesses and strengths to develop a more robust, accurate, and scalable tool from an Android detection standpoint. The survey results facilitate the understanding of mobile malware evolution and the infection trend. They also help mobile malware analysts to understand the current evasion techniques mobile malware deploys

show abstract

NATICUSdroid: A malware detection framework for Android using native and custom permissions

Cited by 32 publications

References 23 publications

Android Malware Detection using Feature Ranking of Permissions

Android Malware Detection using Feature Ranking of Permissions

Privacy Protection Framework for Android

Analysis of Mobile Malware: A Systematic Review of Evolution and Infection Strategies

Contact Info

Product

Resources

About