Android Malware Network Behavior Analysis at HTTP Protocol Packet Level

被引：1

作者：

Wang, Shanshan ^{[1
]}

Hou, Shifeng ^{[2
]}

Zhang, Lei ^{[1
]}

Chen, Zhenxiang ^{[1
]}

Han, Hongbo ^{[1
]}

机构：

[1] Univ Jinan, Sch Informat Sci & Engn, Jinan 250022, Peoples R China

[2] Lib Rizhao Polytech, Rizhao 276826, Peoples R China

来源：

ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING, ICA3PP 2015 | 2015年 / 9532卷

关键词：

Android; Malware; Network traffic; Analyze; Detection;

D O I：

10.1007/978-3-319-27161-3_45

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Smart phones, particularly the ones based on Android, have become the most popular devices. The surfing habits of users have been changed from the traditional PC terminal to mobile terminal officially. However, the mobile terminal application exposes more and more problems. Two common ways to analyze malware are source code analysis and dynamic behavior analysis. Researchers pay little attention to the network traffic generated by mobile terminal application. Nevertheless, shell technology makes source code analysis difficult while dynamic behavior analysis consumes too much resource. In fact, normal application and malware perform differently at the network level. We found that the features of HTTP packet are dramatically different in normal traffic and malicious traffic dataset. The application analysis from the perspective of network traffic can provide us a new way to detect malware.

引用

页码：497 / 507

页数：11

共 50 条

[31] Malware behavior analysis in isolated miniature network for revealing malware's network activity
Inoue, Daisuke
Yoshioka, Katsunari
Eto, Masashi
Hoshizawa, Yuji
Nakao, Koji
2008 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, PROCEEDINGS, VOLS 1-13, 2008, : 1715 - +
[32] Android Malware Analysis and Conceptual Malware Mitigation Approaches
Oh, Tae
Kim, Young Ho
Moon, Hwa Shin
Kim, Jeong Neyo
Stackpole, Bill
2016 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC 2016): TOWARDS SMARTER HYPER-CONNECTED WORLD, 2016, : 684 - 693
[33] Android Malware Detection and Categorization Based on Conversation-level Network Traffic Features
Abuthawabeh, Mohammad Kamel A.
Mahmoud, Khaled W.
2019 INTERNATIONAL ARAB CONFERENCE ON INFORMATION TECHNOLOGY (ACIT), 2019, : 42 - 47
[34] NADM: Neural Network for Android Detection Malware
Nguyen Viet Duc
Pham Thanh Giang
PROCEEDINGS OF THE NINTH INTERNATIONAL SYMPOSIUM ON INFORMATION AND COMMUNICATION TECHNOLOGY (SOICT 2018), 2018, : 449 - 455
[35] Malware Classification Using Open Set Recognition and HTTP Protocol Requests
Bialczak, Piotr
Mazurczyk, Wojciech
COMPUTER SECURITY - ESORICS 2023, PT II, 2024, 14345 : 235 - 254
[36] HTTP Trojan Detection Model with Network Behavior Analysis
Yi, J. K.
Zhang, Y. C.
Li, H.
INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND ENVIRONMENTAL ENGINEERING (CSEE 2015), 2015, : 731 - 737
[37] An Assistive System for Android Malware Analysis to Increase Malware Analysis Efficiency
Jadhav, Suyash
Oh, Tae
Jeong, Jaehoon
Kim, Young Ho
Kim, Jeong Neyo
2017 31ST IEEE INTERNATIONAL CONFERENCE ON ADVANCED INFORMATION NETWORKING AND APPLICATIONS WORKSHOPS (IEEE WAINA 2017), 2017, : 370 - 374
[38] Methods to Select Features for Android Malware Detection Based on the Protection Level Analysis
Lee, Chaeeun
Ko, Eunnarae
Lee, Kyungho
INFORMATION SECURITY APPLICATIONS, WISA 2020, 2020, 12583 : 375 - 386
[39] Fuzzing the Android Applications With HTTP/HTTPS Network Data
Huang, Xinyue
Zhou, Anmin
Jia, Peng
Liu, Luping
Liu, Liang
IEEE ACCESS, 2019, 7 : 59951 - 59962
[40] Benchmarking Android Malware Analysis Tools
Higuera, Javier Bermejo
Moreno, Javier Morales
Higuera, Juan Ramon Bermejo
Montalvo, Juan Antonio Sicilia
Martillo, Gustavo Javier Barreiro
Riera, Tomas Miguel Sureda
ELECTRONICS, 2024, 13 (11)

← 1 2 3 4 5 →