Function-Oriented Mobile Malware Analysis as First Aid

Authors: Jae-wook Jang, Huy Kang Kim

DOI: 10.1155/2016/6707524

Keywords:

Abstract: Recently, highly well-crafted mobile malware has arisen as mobile devices manage valuable and sensitive information. Currently, it is impossible to detect and prevent all malware because the amount of new malware continues to increase exponentially; detection methods need to improve in order to respond quickly and effectively to malware. For a quick response, revealing the main purpose or functions of captured malware is important; however, only a few recent works have attempted to find a malware's purpose. Our approach is designed to help with efficient and effective incident responses and countermeasure development by analyzing malicious behavior. In this paper, we propose a novel method for function-oriented malware analysis based on suspicious API call patterns. Instead of extracting API call patterns for each malware family, we focus on the patterns of certain malicious functionalities. The proposed method dumps the memory sections where an application is allocated and extracts API call sequences from the bytecode by comparing them with predefined suspicious API lists. By matching the extracted sequences against our functionality database, the method determines whether they are malicious. The experiment results demonstrate that the method performs well, detecting malware with high accuracy.
