Detecting Malicious Android Applications from Runtime Behavior

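Authors
Lageman, Nathaniel [1]
Lindsey, Mark [1]
Glodek, William [2]
Affiliations
[1] Penn State Univ, Dept Comp Sci & Engn, University Pk, PA 16802 USA
[2] US Army Res Lab, Adelphi, MD USA
Keywords
DOI
Not available
Chinese Library Classification number
TM [Electrical engineering]; TN [Electronic technology, communication technology];
Discipline classification code
0808 ; 0809 ;
Abstract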
As of 2011, the Android market has already surpassed the Apple App Store in number of applications. Along with this increase in applications comes an increase in the number of malicious applications. In response, there has been extensive research done with behavioral analysis and detection methods using system calls, CPU usage, and anomaly-based detection. In this paper, we extend these previous works by using logcat and strace outputs to generate runtime datasets of both malicious and benign applications. Using these datasets, we generate feature sets to be used for classification. We test the effectiveness of both a Random Forest classifier and a Support Vector Machine on this feature set. We see the Random Forest classifier perform well, with true positive rates exceeding 90% while maintaining a false positive rate less than 6%.
Pages: 324 / 329
Page count: 6