pBMDS

Xie, Liang; Zhang, Xinwen; Seifert, Jean-Pierre; Zhu, Sencun

doi:10.1145/1741866.1741874

Cited by 90 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since signaturebased malware detection systems are based on known malwares, they cannot detect unknown malwares or variants of known malwares. Anomaly-based or behaviour-based systems [21], [8], [13], [20], [26], [23] monitor application or system behaviour in order to identify anomalous activities which may arise due to malware attacks. In general, they identify anomalous activities by deploying machine learning classication algorithms such as SVM, HMM, Naive Bayes, KNN, etc.…”

Section: Related Workmentioning

confidence: 99%

“…Researchers have proposed techniques to detect smartphone intrusions using various approaches, which broadly include signature and anomaly-based techniques such as [1,5,6,8,12,13,20,21,23,26,27]. However, the majority of these state-of-the-art techniques emphasise detection accuracy, while neglecting eciency in terms of resource consumption, which manifests as performance overhead on the device (from here on we will use the terms device and smartphone interchangeably) resources and timeliness/detection latency, which is the time between arrival of an intrusion and its detection.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

DroidLight

Barbhuiya

Kilpatrick

Nikolopoulos

2020

Proceedings of the 21st International Conference on Distributed Computing and Networking

View full text Add to dashboard Cite

Smartphone malware attacks are increasing alongside the growth of smartphone applications in the market. Researchers have proposed techniques to detect malware attacks using various approaches, which broadly include signature and anomaly-based intrusion detection systems (IDSs). Anomaly-based IDSs usually require training machine learning models with datasets collected from running both benign and malware applications. This may result in low detection accuracy when detecting zero-day malwares, i.e. those not previously seen or recorded. In this paper, we propose DroidLight, a lightweight IDS which can detect zero-day malware eciently and eectively. We designed an algorithm for DroidLight that is based on one class classication and probability distribution analysis. For each smartphone application, the classication model learns its normal CPU utilisation and network trac pattern. The model ags an intrusion alert if there is any signicant deviation from the normal pattern. By deploying three self-developed malwares we performed realistic evaluation of DroidLight, i.e. the evaluation was performed on a real device while a real user was interacting with it. Evaluation results demonstrate that DroidLight can detect smartphone malwares with accuracy ranging from 93.3% to 100% while imposing only 1.5% total overhead on device resources. CCS CONCEPTS• Security and privacy → Malware and its mitigation; Intrusion detection systems; Denial-of-service attacks; • Humancentered computing → Smartphones; • Computing methodologies → Classication and regression trees.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

DroidLight

Barbhuiya

Kilpatrick

Nikolopoulos

2020

Proceedings of the 21st International Conference on Distributed Computing and Networking

View full text Add to dashboard Cite

show abstract

“…Some of the approaches involve cloud based techniques to detect attack to reduce resource usage at the cost of cloud services, network connectivity and communication to maintain real-time synchronization of device in cloud [5,6]. Other approaches involve non-human, behavioral analysis instead of relying on known signatures for malware detection, are lightweight and run on the device itself but fail to detect instantaneous and abrupt attack [7,8,9]. Even rigorous surveys done from 2011 to 2015 in the area of Smartphone security challenges, talked about android security architecture and its issues, malware evolution and penetration threats and highlight desirable security features, security mechanisms and solutions available and provided suggestions for defense, detection, protection and security [10,11,12,13].…”

Section: Literature Reviewmentioning

confidence: 99%

Enhancing Stability of Android based Smart Devices-JIOS

Shah¹,

Patel²

2018

The Oxford Journal of Intelligent Decision and Data Science

View full text Add to dashboard Cite

In the current era of enormous use of smart devices, running with performance demanding applications, stable and healthy working environment of this smarty is required to be maintained. Very little work is done in this vicinity. Major work is done in the area of security, misuse detection, privacy of data and threat detection and even efficient solution are also provided by the researchers. Our goal is to identify unstable and unhealthy situations caused by the application-process running on smart devices. We concentrated on Android based smart devices looking to the popularity, market shares and usage statistics. It is obvious that there is a direct co-relation between application working behaviour and smart device state. Surprisingly, very little work exists on dynamic modelling of application working behaviour and its consequences. The dynamical modelling of behavioural patterns for application abnormality detection is the main contributions of the work. For the same we focused on Android based smart devices looking to the popularity, availability and download statistics of android app. Also due to the open Android's philosophy, benign or malignant applications can be published easily with limited controls; Android is having challenges in working environment.

show abstract

“…[15] present Taintdroid, a system-wide information flow tracking tool, to provide real-time analysis and identify the privacy leakage problem. Xie et al [16] propose a malware detection system which adopts a probabilistic approach through correlating user inputs with system calls to detect anomalous activities in mobile phones. Crowdroid [17] aim at detecting malware in the Android platform by applying clustering algorithms on system call statistics.…”

Section: Related Workmentioning

confidence: 99%

mAuditor

Jin

Nahrstedt

2015

Proceedings of the 2015 Workshop on Pervasive Wireless Healthcare

View full text Add to dashboard Cite

Enormous numbers of mobile health applications (mHealth apps) developed recently on mobile devices (e.g. smartphones, tablets, etc.) have enabled health status (e.g. sleep quality, heart rate, etc.) monitoring that is readily accessible to average mobile device users. Typically, such mHealth apps involve active usage of mobile device resources, such as on-board sensors, network bandwidth, etc. The rapid increase of these applications promotes the US FDA agency to put in place regulations on mHealth app risk assessment. But these existing and upcoming regulations have not yet been accompanied by a mobile auditing framework, which provides real-time monitoring of mHealth apps' resource usage and triggers alerts to users if abnormal resource usage patterns are detected. In this paper, we develop a low-overhead and non-obtrusive mobile auditing framework, called mAuditor, that specifically monitors in real-time onboard sensor and network bandwidth usage of mHealth apps. We carry out experiments using a diverse set of mHealth apps that are available on the Google Play App store. Our results indicate that mAuditor is able to detect the discrepancies between normal and abnormal resource usage patterns of mHealth apps.

show abstract

pBMDS

Cited by 90 publications

References 12 publications

DroidLight

DroidLight

Enhancing Stability of Android based Smart Devices-JIOS

mAuditor

Contact Info

Product

Resources

About