Mining network traffic for application category recognition on Android platform

Authors: Songjie Wei, Gaoxiang Wu, Ziyang Zhou, Ling Yang

DOI: 10.1109/PIC.2015.7489879

Keywords: Coding (social sciences), Classifier (UML), Computer network, Derived category, Computer science, Network simulation, Mobile malware, Malware, Operating system, Testbed, Android (operating system)

Abstract: Signature-based static mobile malware detection is fragile when facing code obfuscation and transformation attacks. Behavior-based mechanisms have been widely studied and experimented. So far only the application's running behaviors, such as API calls and resource consumption, are used, which can also be easily concealed and obfuscated with various coding tricks. Most malware needs either a cellular or network connection to conduct its malicious activities. We propose to monitor an application's network behavior and interaction to characterize application behaviors. An integrated testbed system has been designed and prototyped for traffic collection. Statistical features are derived from traffic and further fed to a machine-learning classifier to build one general model for each typical category of applications. Experiments show that applications in an identical functionality category exhibit similar behaviors, which makes it possible to use these behaviors to evaluate a future unknown application for its trustworthiness.
