Smart malware detection on Android

Gheorghe, Laura; Marin, Bogdan; Gibson, Gary; Mogosanu, Lucian; Deaconescu, Răzvan; Voiculescu, Valentin-Gabriel; Carabaș, Mihai

doi:10.1002/sec.1340

Cited by 17 publications

(11 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Up to now, a growing effort has been devoted to Android malware [10]. From an intrusion detection perspective, many machine learning algorithms have been applied to differentiate between legitimate and malicious Android apps, such as classifiers [11], [12], [13], [14] and clustering [15]. Under a similar perspective, some other approaches based on knowledge discovery [16], visual inspection [17], and weighted similarity matching of logs [18] have been also proposed.…”

Section: Introductionmentioning

confidence: 99%

Key features for the characterization of Android malware families

et al. 2016

View full text Add to dashboard Cite

In recent years, mobile devices such as smartphones, tablets and wearables have become the new paradigm of user-computer interaction. The increasing use and adoption of such devices is also leading to an increased number of potential security risks. The spread of mobile malware, particularly on popular and open platforms such as Android, has become a major concern. This paper focuses on the bad-intentioned Android apps by addressing the problem of selecting the key features of such software that support the characterization of such malware. The accurate detection and characterization of this software is still an open challenge, mainly due to its ever-changing nature and the open distribution channels of Android apps. Maximum Relevance Minimum Redundancy and evolutionary algorithms guided by information correlation measures have been applied for feature selection on the well-known Android Malware Genome (Malgenome) dataset, attaining interesting results on the most informative features for the characterization of representative families of existing Android malware.

show abstract

Section: Introductionmentioning

confidence: 99%

Key features for the characterization of Android malware families

et al. 2016

View full text Add to dashboard Cite

show abstract

“…The initial data was collected through the framework described in [1,2] which relies on a data collection framework within the smartphone and the installation of an additional application that performs the real-time monitoring while running in background (called AMDS in [2]). The application pool was built by using both reputable applications (the ones that the phone came with, top Google Play applications, or similar stores for other markets such as SlideMe [4]) as well as known malware applications.…”

Section: Methodsmentioning

confidence: 99%

“…After this step the target application was uninstalled, to prevent both reaching lack of storage space during the experiment as well as preventing some applications from influencing one another and the next target application from the list was installed and experimented with. During the training phase a data of monitoring each target application was stored locally in the phone, and during testing phase a different pool of applications was used, each application installed, monitored, local data stored updated, while the real-time monitoring application described at large in [2], was running in background, and if abnormal behavior was detected this application would be prevented from running, it would be flagged to the user who would make the final decision (to continue preventing the application from running or allow it to continue) on a case by case basis.…”

Section: Methodsmentioning

confidence: 99%

“…This level of openness into the source code of the stack allows access into both public and non-public API information, allowing for the purpose of our research access into the smartphone sensors. It also consists of the basis of the infrastructure of data collection architecture (used to obtain the raw data behind the initial dataset for this paper) described in [1] with an application for malware detection [2], using measurable events collected for a set of Android applications including both samples obtained from scientists in the field (Malgenome application set described by the authors of [3]) as well as more recent Internet sources (including [4,5] and Google Play for benign Android samples).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Detection of Anomalous Behavior in Modern Smartphones Using Software Sensor-Based Data

Vlădăreanu

Voiculescu

Grosu

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

This paper describes the steps involved in obtaining a set of relevant data sources and the accompanying method using software-based sensors to detect anomalous behavior in modern smartphones based on machine-learning classifiers. Three classes of models are investigated for classification: logistic regressions, shallow neural nets, and support vector machines. The paper details the design, implementation, and comparative evaluation of all three classes. If necessary, the approach could be extended to other computing devices, if appropriate changes were made to the software infrastructure, based upon mandatory capabilities of the underlying hardware.

show abstract

“…Malware, today, is increasingly sophisticated and avoids detection by changing its patterns each time it runs [30]. The changing of patterns makes detection nearly impossible.…”

Section: Security Issues Attack Vectors Attack Types Impactsmentioning

confidence: 99%

Secured Cloud for Enterprise Computing

Faizi

Rahman

EPiC Series in Computing

View full text Add to dashboard Cite

Cloud computing is a transformative technology that organizations cannot ignore. Before adopting cloud computing, an organization must determine its needs and risks and encapsulate them into cloud service provider selection criteria. Due to being sharable and the openly accessible nature of cloud computing, the criteria must highlight data security and protection against malware. Only after developing the criteria, should the organizations select a cloud service provider. Choosing the right provider is essential.

show abstract

Smart malware detection on Android

Cited by 17 publications

References 26 publications

Key features for the characterization of Android malware families

Key features for the characterization of Android malware families

Detection of Anomalous Behavior in Modern Smartphones Using Software Sensor-Based Data

Secured Cloud for Enterprise Computing

Contact Info

Product

Resources

About