Android Malware Detection Based on Software Complexity Metrics

Authors: Mykola Protsenko, Tilo Müller

DOI: 10.1007/978-3-319-09770-1_3

Keywords: Source code, Test set, Computer science, Malware, False positive rate, Machine learning, Permission, Android (operating system), Obfuscation, Artificial intelligence, Computer security, Cyclomatic complexity

Abstract: In this paper, we propose a new approach for the static detection of Android malware by means of machine learning that is based on software complexity metrics, such as McCabe’s Cyclomatic Complexity and the Chidamber and Kemerer Metrics Suite. The practical evaluation of our approach, involving 20,703 benign and 11,444 malicious apps, witnesses the high classification quality of our proposed method, and we assess its resilience against common obfuscation transformations. With respect to our large-scale test set of more than 32,000 apps, we show a true positive rate of up to 93% and a false positive rate of 0.5% for unobfuscated samples. For obfuscated samples, however, we register a significant drop of the true positive rate, whereas permission-based schemes are immune against such program transformations. According to these results, we advocate our method to be a useful detector for samples within a family sharing functionality and source code. Our conservative classifications might hence be suitable for an automated weighting, e.g., by Google Bouncer.
