Abstract
With the ever rising amount and quality of malicious software for mobile phones, multiple ways to detect such threats are desirable. Next to classical approaches such as dynamic and static analysis, the idea of detecting malicious activities based on the energy consumption introduced by them was recently proposed by several researchers. The key idea behind this kind of detection is the fact that each activity performed on a battery powered device drains a certain amount of energy from it. This implies that measuring the energy consumption may reveal unwanted and possibly malicious software running next to genuine applications on such a device: if the normal energy consumption is known for a device, additional used up energy should be detectable.
In this paper, we evaluate whether such an approach is indeed feasible for modern smartphones and argue that results presented in prior work are not applicable to such devices. By studying the typical energy consumption of different aspects of common Android phones, we show that it varies quite a lot in practice. Furthermore, empirical tests with both artificial and real-world malware indicate that the additional power consumed by such apps is too small to be detectable with the mean error rates of state-of-the art measurement tools.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Battery Performance Characteristics, http://www.mpoweruk.com/performance.htm
Balasubramanian, N., Balasubramanian, A., Venkataramani, A.: Energy Consumption in Mobile Phones: A Measurement Study and Implications for Network Applications. In: Internet Measurement Conference, IMC (2009)
Pettey, C., van der Meulen, R.: Gartner Says Worldwide Sales of Mobile Phones Declined 3 Percent in Third Quarter of 2012, Smartphone Sales Increased 47 Percent (2012), http://www.gartner.com/newsroom/id/2237315
Maslennikov, D., Namestnikov, Y.: Kaspersky Security Bulletin. The overall statistics for 2012 (2012), www.securelist.com/en/analysis/204792255/Kaspersky_Security_Bulletin_2012_The_overall_statistics_for_2012
Dixon, B., Jiang, Y., Jaiantilal, A., Mishra, S.: Location based power analysis to detect malicious code in smartphones. In: ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM (2011)
Dong, M., Zhong, L.: Self-Constructive High-Rate System Energy Modeling for Battery-Powered Mobile Systems. In: International Conference on Mobile Systems, Applications, and Services, MobiSys (2011)
Egele, M., Kruegel, C., Kirda, E., Vigna, G.: PiOS: Detecting Privacy Leaks in iOS Applications. In: Network and Distributed System Security Symposium, NDSS (2011)
Enck, W., Gilbert, P., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In: USENIX Symposium on Operating Systems Design and Implementation, OSDI (2010)
Falaki, H., Mahajan, R., Kandula, S., Lymberopoulos, D., Govindan, R., Estrin, D.: Diversity in smartphone usage. In: International Conference on Mobile Systems, Applications and Services, MobiSys (2010)
Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: RiskRanker: Scalable and Accurate Zero-day Android Malware Detection. In: International Conference on Mobile Systems, Applications, and Services, MobiSys (2012)
Jindal, A., Pathak, A., Hu, Y.C., Midkiff, S.P.: Hypnos: Understanding and Treating Sleep Conflicts in Smartphones. In: EuroSys, pp. 253–266 (2013)
Kim, H., Smith, J., Shin, K.G.: Detecting Energy-Greedy Anomalies and Mobile Malware Variants. In: International Conference on Mobile Systems, Applications and Services, MobiSys (2008)
Liu, L., Yan, G., Zhang, X., Chen, S.: VirusMeter: Preventing your cellphone from spies. In: Kirda, E., Jha, S., Balzarotti, D. (eds.) RAID 2009. LNCS, vol. 5758, pp. 244–264. Springer, Heidelberg (2009)
Park, S., Savvides, A., Srivastava, M.: Battery Capacity Measurement And Analysis Using Lithium Coin Cell Battery. In: International Symposium on Low Power Electronics and Design, ISLPED (2001)
Pathak, A., Hu, Y.C., Zhang, M.: Where is the energy spent inside my app? Fine Grained Energy Accounting on Smartphones with Eprof. In: ACM European Conference on Computer Systems, EuroSys (2012)
Pathak, A., Hu, Y.C., Zhang, M., Bahl, P., Wang, Y.-M.: Fine-Grained Power Modeling for Smartphones Using System Call Tracing. In: ACM European Conference on Computer Systems, EuroSys (2011)
Rao, R., Vrudhula, S., Rakhmatov, D.: Battery modeling for energy aware system design. Computer 36(12), 77–87 (2003)
Victor Chebyshev. Mobile attacks! http://www.securelist.com/en/blog/805/Mobile_attacks
Yoon, C., Kim, D., Jung, W., Kang, C., Cha, H., ATC: AppScope: Application Energy Metering Framework for Android Smartphones Using Kernel Activity Monitoring. In: USENIX Annual Technical Conference, ATC (2012)
Zhang, L., Tiwana, B., Qian, Z., Wang, Z., Dick, R.P., Mao, Z.M., Yang, L.: Accurate online power estimation and automatic battery behavior based power model generation for smartphones. In: Conference on Hardware/Software Codesign and System Synthesis (2010)
Zhou, Y., Jiang, X.: Dissecting Android Malware: Characterization and Evolution. In: IEEE Symposium on Security and Privacy (2012)
Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets. In: Network and Distributed System Security Symposium, NDSS (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hoffmann, J., Neumann, S., Holz, T. (2013). Mobile Malware Detection Based on Energy Fingerprints — A Dead End?. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2013. Lecture Notes in Computer Science, vol 8145. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41284-4_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-41284-4_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41283-7
Online ISBN: 978-3-642-41284-4
eBook Packages: Computer ScienceComputer Science (R0)