Skip to main content
SpringerLink
Log in
SpringerLink
Log in

Mobile Malware Detection Based on Energy Fingerprints — A Dead End?

  • Conference paper
Research in Attacks, Intrusions, and Defenses (RAID 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8145))

Included in the following conference series:

Abstract

With the ever rising amount and quality of malicious software for mobile phones, multiple ways to detect such threats are desirable. Next to classical approaches such as dynamic and static analysis, the idea of detecting malicious activities based on the energy consumption introduced by them was recently proposed by several researchers. The key idea behind this kind of detection is the fact that each activity performed on a battery powered device drains a certain amount of energy from it. This implies that measuring the energy consumption may reveal unwanted and possibly malicious software running next to genuine applications on such a device: if the normal energy consumption is known for a device, additional used up energy should be detectable.

In this paper, we evaluate whether such an approach is indeed feasible for modern smartphones and argue that results presented in prior work are not applicable to such devices. By studying the typical energy consumption of different aspects of common Android phones, we show that it varies quite a lot in practice. Furthermore, empirical tests with both artificial and real-world malware indicate that the additional power consumed by such apps is too small to be detectable with the mean error rates of state-of-the art measurement tools.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Battery Performance Characteristics, http://www.mpoweruk.com/performance.htm

  2. Balasubramanian, N., Balasubramanian, A., Venkataramani, A.: Energy Consumption in Mobile Phones: A Measurement Study and Implications for Network Applications. In: Internet Measurement Conference, IMC (2009)

    Google Scholar 

  3. Pettey, C., van der Meulen, R.: Gartner Says Worldwide Sales of Mobile Phones Declined 3 Percent in Third Quarter of 2012, Smartphone Sales Increased 47 Percent (2012), http://www.gartner.com/newsroom/id/2237315

  4. Maslennikov, D., Namestnikov, Y.: Kaspersky Security Bulletin. The overall statistics for 2012 (2012), www.securelist.com/en/analysis/204792255/Kaspersky_Security_Bulletin_2012_The_overall_statistics_for_2012

  5. Dixon, B., Jiang, Y., Jaiantilal, A., Mishra, S.: Location based power analysis to detect malicious code in smartphones. In: ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM (2011)

    Google Scholar 

  6. Dong, M., Zhong, L.: Self-Constructive High-Rate System Energy Modeling for Battery-Powered Mobile Systems. In: International Conference on Mobile Systems, Applications, and Services, MobiSys (2011)

    Google Scholar 

  7. Egele, M., Kruegel, C., Kirda, E., Vigna, G.: PiOS: Detecting Privacy Leaks in iOS Applications. In: Network and Distributed System Security Symposium, NDSS (2011)

    Google Scholar 

  8. Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: USENIX Symposium on Operating Systems Design and Implementation, OSDI (2010)

    Google Scholar 

  9. Falaki, H., Mahajan, R., Kandula, S., Lymberopoulos, D., Govindan, R., Estrin, D.: Diversity in smartphone usage. In: International Conference on Mobile Systems, Applications and Services, MobiSys (2010)

    Google Scholar 

  10. Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. In: International Conference on Mobile Systems, Applications, and Services, MobiSys (2012)

    Google Scholar 

  11. Jindal, A., Pathak, A., Hu, Y.C., Midkiff, S.P.: Hypnos: Understanding and Treating Sleep Conflicts in Smartphones. In: EuroSys, pp. 253–266 (2013)

    Google Scholar 

  12. Kim, H., Smith, J., Shin, K.G.: Detecting Energy-Greedy Anomalies and Mobile Malware Variants. In: International Conference on Mobile Systems, Applications and Services, MobiSys (2008)

    Google Scholar 

  13. Liu, L., Yan, G., Zhang, X., Chen, S.: VirusMeter: Preventing your cellphone from spies. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 244–264. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  14. Park, S., Savvides, A., Srivastava, M.: Battery Capacity Measurement And Analysis Using Lithium Coin Cell Battery. In: International Symposium on Low Power Electronics and Design, ISLPED (2001)

    Google Scholar 

  15. Pathak, A., Hu, Y.C., Zhang, M.: Where is the energy spent inside my app? Fine Grained Energy Accounting on Smartphones with Eprof. In: ACM European Conference on Computer Systems, EuroSys (2012)

    Google Scholar 

  16. Pathak, A., Hu, Y.C., Zhang, M., Bahl, P., Wang, Y.-M.: Fine-Grained Power Modeling for Smartphones Using System Call Tracing. In: ACM European Conference on Computer Systems, EuroSys (2011)

    Google Scholar 

  17. Rao, R., Vrudhula, S., Rakhmatov, D.: Battery modeling for energy aware system design. Computer 36(12), 77–87 (2003)

    Article  Google Scholar 

  18. Victor Chebyshev. Mobile attacks! http://www.securelist.com/en/blog/805/Mobile_attacks

  19. Yoon, C., Kim, D., Jung, W., Kang, C., Cha, H., ATC: AppScope: Application Energy Metering Framework for Android Smartphones Using Kernel Activity Monitoring. In: USENIX Annual Technical Conference, ATC (2012)

    Google Scholar 

  20. Zhang, L., Tiwana, B., Qian, Z., Wang, Z., Dick, R.P., Mao, Z.M., Yang, L.: Accurate online power estimation and automatic battery behavior based power model generation for smartphones. In: Conference on Hardware/Software Codesign and System Synthesis (2010)

    Google Scholar 

  21. Zhou, Y., Jiang, X.: Dissecting Android Malware: Characterization and Evolution. In: IEEE Symposium on Security and Privacy (2012)

    Google Scholar 

  22. Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In: Network and Distributed System Security Symposium, NDSS (2012)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Horst Görtz Institute (HGI), Ruhr-University Bochum, Germany

    Johannes Hoffmann, Stephan Neumann & Thorsten Holz

Authors
  1. Johannes Hoffmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephan Neumann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thorsten Holz
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Columbia University, 1214 Amsterdam Avenue, 10027, NY, USA

    Salvatore J. Stolfo

  2. Department of Computer Science, George Mason University, 22030, Fairfax, VA, USA

    Angelos Stavrou

  3. Department of Computer Science, Portland State University, 97201, Portland, OR, USA

    Charles V. Wright

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hoffmann, J., Neumann, S., Holz, T. (2013). Mobile Malware Detection Based on Energy Fingerprints — A Dead End?. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2013. Lecture Notes in Computer Science, vol 8145. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41284-4_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-41284-4_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41283-7

  • Online ISBN: 978-3-642-41284-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation