Back-propagation neural network on Markov chains from system call sequences: a new approach for detecting Android malware with system call sequences

Authors: Xi Xiao, Zhenlong Wang, Qing Li, Shutao Xia, Yong Jiang

DOI: 10.1049/IET-IFS.2015.0211

Abstract: Android has become the most prevalent mobile system, but in the meanwhile malware on this platform is widespread. System call sequences are studied to detect malware. However, malware detection with these approaches relies on common system-call-subsequences. It is not so efficient because it is difficult to decide the appropriate length of the common subsequences. To address this issue, the authors propose a new approach, back-propagation neural network on Markov chains from system call sequences (BMSCS). BMSCS treats one system call sequence as a homogeneous stationary Markov chain and applies a back-propagation neural network (BPNN) to detect malware by comparing the transition probabilities of the chain. Since the transition probabilities from one system call to another in malware are significantly different from those in benign applications, BMSCS can efficiently detect malware by capturing the anomaly in state transitions with the help of the BPNN. The authors evaluate the performance of BMSCS by experiments with real application samples. The experiment results show that the F-score of BMSCS achieves up to 0.982773, which is higher than the other methods in the literature.
