ABSTRACT
With the development of malicious applications on the Android platform, methods for detecting them have gradually become an active research topic. Existing analysis methods have some shortcomings: on the one hand, a single algorithm cannot fully detect different features; on the other hand, more and more malicious code uses dynamic loading mechanisms. In view of these limitations, this paper proposes a method that detects different features using a variety of classification algorithms. First, two types of features are extracted from the application to be detected: the permissions it requests and its function calls. Mutual information is used to discard data that has little impact on classification. Then, different classification algorithms are evaluated to select the optimal algorithm for each of the two feature types. Finally, the optimal algorithms are used to determine whether the application to be detected is malicious. Experimental results show that the proposed method has a high recognition rate and can effectively identify malicious applications.
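The mutual-information filtering step described in the abstract can be sketched for the permission feature type as follows. This is an added example, not code from the paper: the sample apps, their labels and the 0.1-bit threshold are constructed assumptions, and the function names are hypothetical.

```python
import math

# Constructed sample (not data from the paper): each app is
# (set of requested permissions, label), label 1 = malicious, 0 = benign.
SAMPLES = [
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS"}, 1),
    ({"INTERNET", "SEND_SMS"}, 1),
    ({"INTERNET", "SEND_SMS", "RECEIVE_BOOT_COMPLETED"}, 1),
    ({"INTERNET", "READ_CONTACTS"}, 1),
    ({"INTERNET"}, 0),
    ({"INTERNET", "CAMERA"}, 0),
    ({"INTERNET", "READ_CONTACTS"}, 0),
    ({"INTERNET", "CAMERA", "RECEIVE_BOOT_COMPLETED"}, 0),
]


def mutual_information(samples, feature):
    """I(X;Y) in bits between presence of `feature` (X) and the label (Y)."""
    n = len(samples)
    joint = {}
    for perms, label in samples:
        key = (feature in perms, label)
        joint[key] = joint.get(key, 0) + 1
    mi = 0.0
    for (x, y), count in joint.items():
        p_xy = count / n
        # Marginals are recovered from the joint counts.
        p_x = sum(c for (a, _), c in joint.items() if a == x) / n
        p_y = sum(c for (_, b), c in joint.items() if b == y) / n
        mi += p_xy * math.log2(p_xy / (p_x * p_y))
    return mi


def select_features(samples, threshold):
    """Keep permissions whose MI with the label reaches `threshold` bits.

    The threshold is a hypothetical tuning knob; the abstract does not
    state how the cut-off is chosen.
    """
    features = sorted(set().union(*(perms for perms, _ in samples)))
    scores = {f: mutual_information(samples, f) for f in features}
    kept = [f for f in features if scores[f] >= threshold]
    return kept, scores


if __name__ == "__main__":
    kept, scores = select_features(SAMPLES, threshold=0.1)
    for name, score in sorted(scores.items(), key=lambda kv: -kv[1]):
        print(f"{name:24s} {score:.4f} {'keep' if name in kept else 'drop'}")
```

A permission requested by every app (INTERNET here) scores zero and is dropped, while one that appears only in benign apps (CAMERA) is kept, because mutual information measures association with either class.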
Index Terms
- Android Malicious Application Detection Method Based on Multi-class Characteristics