Static Analysis of Executables for Collaborative Malware Detection on Android

Schmidt, Aubrey-Derrick; Bye, Rainer; Schmidt, Hans-Gunterh; Clausen, Jan Hendrik; Kiraz, Osman; Yüksel, Kamer Ali; Camtepe, Seyit; Albayrak, Şahin

doi:10.1109/icc.2009.5199486

Cited by 188 publications

(101 citation statements)

References 20 publications

(15 reference statements)

Supporting

Mentioning

100

Contrasting

Unclassified

Order By: Relevance

“…In [26], the authors also apply machine learning with static analysis, but utilize Linux malware rather than Android malware samples. Their approach extracts Linux system commands within Android and use the readelf command to output a list of referenced function calls for each system command.…”

Section: Related Workmentioning

confidence: 99%

High accuracy android malware detection using ensemble learning

Yerima

Sezer

Muttik³

2015

IET Information Security

156

View full text Add to dashboard Cite

Abstract-With over 50 billion downloads and more than 1.3 million apps in Google's official market, Android has continued to gain popularity amongst smartphone users worldwide. At the same time there has been a rise in malware targeting the platform, with more recent strains employing highly sophisticated detection avoidance techniques. As traditional signature based methods become less potent in detecting unknown malware, alternatives are needed for timely zero-day discovery. Thus this paper proposes an approach that utilizes ensemble learning for Android malware detection. It combines advantages of static analysis with the efficiency and performance of ensemble machine learning to improve Android malware detection accuracy. The machine learning models are built using a large repository of malware samples and benign apps from a leading antivirus vendor.Experimental results and analysis presented shows that the proposed method which uses a large feature space to leverage the power of ensemble learning is capable of 97.3 % to 99% detection accuracy with very low false positive rates.

show abstract

Section: Related Workmentioning

confidence: 99%

High accuracy android malware detection using ensemble learning

Yerima

Sezer

Muttik³

2015

IET Information Security

156

View full text Add to dashboard Cite

show abstract

“…The approach is based on a probabilistic diffusion scheme using device usage patterns [1]. The Android Application Sandbox [4] has also been used for both static and dynamic analysis on Android programs and for detecting suspicious applications automatically based on the collaborative detection [20]. This assumes that if the neighbours of a device are infected, the device itself is likely to be infected.…”

Section: General Mobile Malware Detection Techniquesmentioning

confidence: 99%

MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Meng

Spanoudakis

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

This is the accepted version of the paper.This version of the publication may differ from the final published version. Abstract. As the use of mobile devices spreads dramatically, hackers have started making use of mobile botnets to steal user information or perform other malicious attacks. To address this problem, in this paper we propose a mobile botnet detection system, called MBotCS. MBotCS can detect mobile device traffic indicative of the presence of a mobile botnet based on prior training using machine learning techniques. Our approach has been evaluated using real mobile device traffic captured from Android mobile devices, running normal apps and mobile botnets. In the evaluation, we investigated the use of 5 machine learning classifier algorithms and a group of machine learning box algorithms with different validation schemes. We have also evaluated the effect of our approach with respect to its effect on the overall performance and battery consumption of mobile devices. Permanent repository link

show abstract

“…Several publications discuss android-specific security mechanisms, involving overall security assessment of the platform [13], malware detection [14], application permission analysis [15], and kernel hardening [16]. Significant work has been done in applying machine learning (ML) methods, using features derived from both static [17][18][19] and dynamic [20] analysis to identify malicious android applications [21], to network traffic classification [22], malware traffic analysis [23] and botnets localization [24].…”

Section: Related Workmentioning

confidence: 99%

Computational intelligence anti-malware framework for android OS

Demertzis¹,

Iliadis²

2017

Vietnam J Comput Sci

View full text Add to dashboard Cite

It is a fact that more and more users are adopting the online digital payment systems via mobile devices for everyday use. This attracts powerful gangs of cybercriminals, which use sophisticated and highly intelligent types of malware to broaden their attacks. Malicious software is designed to run quietly and to remain unsolved for a long time. It manages to take full control of the device and to communicate (via the Tor network) with its Command & Control servers of fastflux botnets' networks to which it belongs. This is done to achieve the malicious objectives of the botmasters. This paper proposes the development of the computational intelligence anti-malware framework (CIantiMF) which is innovative, ultra-fast and has low requirements. It runs under the android operating system (OS) and its reasoning is based on advanced computational intelligence approaches. The selection of the android OS was based on its popularity and on the number of critical applications available for it. The CIantiMF uses two advanced technology extensions for the ART java virtual machine which is the default in the recent versions of android. The first is the smart anti-malware extension, which can recognize whether the java classes of an android application are benign or malicious using an optimized multi-layer perceptron. The optimization is done by the employment of the biogeography-based optimizer algorithm. The second is the Tor online traffic identification extension, which is capable of achieving malware localization, Tor traffic identification B Konstantinos Demertzis kdemertz@fmenr.duth.gr Lazaros Iliadis

show abstract

Static Analysis of Executables for Collaborative Malware Detection on Android

Cited by 188 publications

References 20 publications

High accuracy android malware detection using ensemble learning

High accuracy android malware detection using ensemble learning

MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Computational intelligence anti-malware framework for android OS

Contact Info

Product

Resources

About