Performance Evaluation on Permission-Based Detection for Android Malware
作者: Chun-Ying Huang , Yi-Ting Tsai , Chung-Han Hsu
DOI: 10.1007/978-3-642-35473-1_12
关键词: Permission 、 Android malware 、 Naive Bayes classifier 、 Data mining 、 Android (operating system) 、 Malware 、 AdaBoost 、 Computer science 、 Support vector machine 、 Decision tree
摘要: It is a straightforward idea to detect harmful mobile application based on the permissions it requests. This study attempts explore possibility of detecting malicious applications in Android operating system permissions. Compare against previous researches, we collect relative large number benign and (124,769 480, respectively) conduct experiments collected samples. In addition requested required permissions, also extract several easy-to-retrieve features from packages help detection applications. Four commonly used machine learning algorithms including AdaBoost, Naive Bayes, Decision Tree (C4.5), Support Vector Machine are evaluate performance. Experimental results show that permission-based detector can more than 81% However, due its precision, conclude mechanism be as quick filter identify still requires second pass make complete analysis reported application.
springer.com
nctu.edu.tw参考文章(12)
Silvio Cesare, Yang Xiang, Classification of malware using structured control flow AusPDC '10 Proceedings of the Eighth Australasian Symposium on Parallel and Distributed Computing - Volume 107. pp. 61- 70 ,(2010)
Ryan Johnson, Zhaohui Wang, Corey Gagnon, Angelos Stavrou, Analysis of Android Applications' Permissions 2012 IEEE Sixth International Conference on Software Security and Reliability Companion. pp. 45- 46 ,(2012) , 10.1109/SERE-C.2012.44
David Barrera, H. G üne ş Kayacik, Paul C. van Oorschot, Anil Somayaji, A methodology for empirical analysis of permission-based security models and its application to android Proceedings of the 17th ACM conference on Computer and communications security - CCS '10. pp. 73- 84 ,(2010) , 10.1145/1866307.1866317
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani, Crowdroid Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11. pp. 15- 26 ,(2011) , 10.1145/2046614.2046619
William Enck, Machigar Ongtang, Patrick McDaniel, Understanding Android Security ieee symposium on security and privacy. ,vol. 7, pp. 50- 57 ,(2009) , 10.1109/MSP.2009.26
Chih-Jen Lin, Chih-Wei Hsu, Chih-Chung Chang, A Practical Guide to Support Vector Classication 臺北市:國立臺灣大學資訊工程學系. ,(2008)
Shuai Li, Mike Schliep, Nick Hopper, Facet: Streaming over Videoconferencing for Censorship Circumvention workshop on privacy in the electronic society. pp. 163- 172 ,(2014) , 10.1145/2665943.2665944
Adrienne Porter Felt, Erika Chin, Steve Hanna, Dawn Song, David Wagner, Android permissions demystified Proceedings of the 18th ACM conference on Computer and communications security - CCS '11. pp. 627- 638 ,(2011) , 10.1145/2046707.2046779
Yajin Zhou, Xuxian Jiang, Dissecting Android Malware: Characterization and Evolution ieee symposium on security and privacy. pp. 95- 109 ,(2012) , 10.1109/SP.2012.16
A.-D. Schmidt, R. Bye, H.-G. Schmidt, J. Clausen, O. Kiraz, K. A. Yuksel, S. A. Camtepe, S. Albayrak, Static Analysis of Executables for Collaborative Malware Detection on Android international conference on communications. pp. 631- 635 ,(2009) , 10.1109/ICC.2009.5199486