MARVIN: Efficient and Comprehensive Mobile App Classification through Static and Dynamic Analysis

Authors: Martina Lindorfer, Matthias Neugschwandtner, Christian Platzer

DOI: 10.1109/COMPSAC.2015.103

Keywords: Android (operating system), Mobile telephony, Machine learning, Malware analysis, Computer security, False positive paradox, Malware, Static analysis, Computer science, Android malware, Artificial intelligence

Abstract: Android dominates the smartphone operating system market and consequently has attracted the attention of malware authors and researchers alike. Despite the considerable number of proposed malware analysis systems, comprehensive and practical malware analysis solutions are scarce and often short-lived. Systems relying on static analysis alone struggle with increasingly popular obfuscation and dynamic code loading techniques, while purely dynamic analysis systems are prone to analysis evasion. We present MARVIN, a system that combines static with dynamic analysis and which leverages machine learning techniques to assess the risk associated with unknown Android apps in the form of a malice score. MARVIN performs static and dynamic analysis, both off-device, to represent properties and behavioral aspects of an app through a rich and comprehensive feature set. In our evaluation on the largest Android malware classification data set to date, comprised of over 135,000 Android apps and 15,000 malware samples, MARVIN correctly classifies 98.24% of malicious apps with less than 0.04% false positives. We further estimate the necessary retraining interval to maintain the detection performance and demonstrate the long-term practicality of our approach.
