DroidChain: A novel Android malware detection method based on behavior chains

Authors: Zhaoguo Wang, Chenglong Li, Zhenlong Yuan, Yi Guan, Yibo Xue

DOI: 10.1016/J.PMCJ.2016.06.018

Abstract: The drastic increase of Android malware has led to strong interest in automating analysis. In this paper, to fight against variants and zero-day malware, we proposed DroidChain: a method combining static analysis and a behavior chain model. We transform the detection problem into a more accessible matrix form. Using this method, we propose four kinds of models, including privacy leakage, SMS financial charges, installation, and privilege escalation. To reduce time complexity, we propose the WxShall-extend algorithm. We moved the prototype to GitHub and evaluated it using 1260 samples. Experimental results demonstrate that the accuracy, precision, and recall are 73%–93%, 71%–99%, and 42%–92%, respectively. Calculation accounts for 6.58% of the well-known Warshall algorithm's expense. Results demonstrate that our method, which can detect the four kinds simultaneously, is better than Androguard and Kirin.
