Comprehensive Behavior Profiling for Proactive Android Malware Detection

Authors: Britton Wolfe, Karim O. Elish, Danfeng Yao

DOI: 10.1007/978-3-319-13257-0_19

Abstract: We present a new method of screening for malicious Android applications that uses two types of information about the application: the permissions that the application requests in its installation manifest and a metric called percentage of valid call sites (PVCS). PVCS measures the riskiness of the application based on a data flow graph. The information is used with machine learning algorithms to classify previously unseen applications as malicious or benign with a high degree of accuracy. Our classifier outperforms the previous state of the art by a significant margin, with particularly low false positive rates. Furthermore, the evaluation is performed on malware families that were not used in the training phase, simulating the accuracy of the classifier on malware yet to be developed. We found that our PVCS metric and the SEND_SMS permission are the specific pieces of information that are most useful to the classifier.

References (24)
Borja Sanz, Igor Santos, Carlos Laorden, Xabier Ugarte-Pedrero, Pablo Garcia Bringas, Gonzalo Álvarez. PUMA: Permission Usage to Detect Malware in Android. CISIS/ICEUTE/SOCO Special Sessions, pp. 289-298 (2013). DOI: 10.1007/978-3-642-33018-6_30
Raja Vallee-Rai, Patrick Lam, Vijay Sundaresan, Laurie Hendren, Phong Co, Etienne M. Gagnon. Soot - a Java optimization framework. Conference of the Centre for Advanced Studies on Collaborative Research (1999)
Wenke Lee, S.J. Stolfo, K.W. Mok. A data mining framework for building intrusion detection models. IEEE Symposium on Security and Privacy, pp. 120-132 (1999). DOI: 10.1109/SECPRI.1999.766909
Yousra Aafer, Wenliang Du, Heng Yin. DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, pp. 86-103 (2013). DOI: 10.1007/978-3-319-04283-1_6
Asaf Shabtai, Uri Kanonov, Yuval Elovici, Chanan Glezer, Yael Weiss. Andromaly: a behavioral malware detection framework for android devices. Intelligent Information Systems, vol. 38, pp. 161-190 (2012). DOI: 10.1007/S10844-010-0148-X
Marco Cova, Christopher Kruegel, Giovanni Vigna. Detection and analysis of drive-by-download attacks and malicious JavaScript code. The Web Conference, pp. 281-290 (2010). DOI: 10.1145/1772690.1772720
Iker Burguera, Urko Zurutuza, Simin Nadjm-Tehrani. Crowdroid. Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices - SPSM '11, pp. 15-26 (2011). DOI: 10.1145/2046614.2046619
Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, Kuo-Ping Wu. DroidMat: Android Malware Detection through Manifest and API Calls Tracing. Information Security, pp. 62-69 (2012). DOI: 10.1109/ASIAJCIS.2012.18
Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, Xuxian Jiang. RiskRanker. Proceedings of the 10th international conference on Mobile systems, applications, and services - MobiSys '12, pp. 281-294 (2012). DOI: 10.1145/2307636.2307663
Hao Peng, Chris Gates, Bhaskar Sarma, Ninghui Li, Yuan Qi, Rahul Potharaju, Cristina Nita-Rotaru, Ian Molloy. Using probabilistic generative models for ranking risks of Android apps. Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12, pp. 241-252 (2012). DOI: 10.1145/2382196.2382224