nach oben

Erschienen in:

19.08.2019

AdDroid: Rule-Based Machine Learning Framework for Android Malware Analysis

verfasst von: Anam Mehtab, Waleed Bin Shahid, Tahreem Yaqoob, Muhammad Faisal Amjad, Haider Abbas, Hammad Afzal, Malik Najmus Saqib

Erschienen in: Mobile Networks and Applications | Ausgabe 1/2020

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Recent years have witnessed huge growth in Android malware development. Colossal reliance on Android applications for day to day working and their massive development dictates for an automated mechanism to distinguish malicious applications from benign ones. A significant amount of research has been devoted to analyzing and mitigating this growing problem; however, attackers are using more complicated techniques to evade detection. This paper proposes a framework, AdDroid; for analyzing and detecting malicious behaviour in Android applications based on various combinations of artefacts called Rules. The artefacts represent actions of an Android application such as connecting to the Internet, uploading a file to a remote server or installing another package on the device etc. AdDroid employs an ensemble-based machine learning technique where Adaboost is combined with traditional classifiers in order to train a model founded on static analysis of Android applications that is capable of recognizing malicious applications. Feature selection and extraction techniques are used to get the most distinguishing Rules. The proposed model is created using a dataset comprising 1420 Android applications with 910 malicious and 510 benign applications. Our proposed system achieved an accuracy of 99.11% with 98.61% True Positive (TP) and 99.33% True Negative (TN) rate. The high TP and TN rates reflect the efficacy on both major and minor class. Since the proposed solution has exceptionally low computational complexity, therefore, making it possible to analyze applications in real-time.

Vorheriger Artikel Correction to: A Physical-Layer Key Distribution Mechanism for IoT Networks

Nächster Artikel Secrecy Performance in the Internet of Things: Optimal Energy Harvesting Time Under Constraints of Sensors and Eavesdroppers

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

ATZelektronik

Die Fachzeitschrift ATZelektronik bietet für Entwickler und Entscheider in der Automobil- und Zulieferindustrie qualitativ hochwertige und fundierte Informationen aus dem gesamten Spektrum der Pkw- und Nutzfahrzeug-Elektronik.

Lassen Sie sich jetzt unverbindlich 2 kostenlose Ausgabe zusenden.

Jetzt informieren

ATZelectronics worldwide

ATZlectronics worldwide is up-to-speed on new trends and developments in automotive electronics on a scientific level with a high depth of information.

Order your 30-days-trial for free and without any commitment.

Jetzt informieren

Nur mit Berechtigung zugänglich

Apple Vs Android, A comparative study 2017 (2018) Available: https://android.jlelse.eu/apple-vs-android-a-comparative-study-2017-c5799a0a1683

Gandhewar N, Sheikh R (2010) Google Android: An emerging software platform for mobile devices. Int J Comput Sci Eng 1:12–17

Number of available applications in the Google Play Store from December 2009 to September 2018 (2018) Available: https://www.statista.com/statistics/266210/number-of-available-applications-in-the-google-play-store/

Felt AP, Finifter M, Chin E, Hanna S, Wagner D (2011) A survey of mobile malware in the wild. In: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pp 3–14

Felt AP, Chin E, Hanna S, Song D, Wagner D (2011) Android permissions demystified. In: Proceedings of the 18th ACM conference on Computer and communications security, pp 627–638

Huang C-Y, Tsai Y-T, Hsu C-H (2013) Performance evaluation on permission-based detection for android malware. In: Advances in Intelligent Systems and Applications-Volume 2, ed:, pp 111–120. Springer

Zhang M, Duan Y, Yin H, Zhao Z (2014) Semantics-aware android malware classification using weighted contextual api dependency graphs. In: Proceedings of ACM SIGSAC Conference on Computer and Communications Security, pp 1105–1116

Wu D-J, Mao C-H, Wei T-E, Lee H-M, Wu K-P (2012) Droidmat: Android malware detection through manifest and api calls tracing. In: 2012 Seventh Asia Joint Conference on Information Security (Asia JCIS), pp 62–69

Sahs J, Khan L (2012) A machine learning approach to android malware detection. In: Intelligence and security informatics conference (eisic), 2012 european, pp 141–147

10.

Burguera I, Zurutuza U, Nadjm-Tehrani S (2011) Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pp 15–26

11.

Ghani SMA, Abdollah MF, Yusof R, Mas’ud MZ (2015) Recognizing API features for malware detection using static analysis. J Wirel Netw Commun 5:6–12

12.

Peng H, Gates C, Sarma B, Li N, Qi Y, Potharaju R et al (2012) Using probabilistic generative models for ranking risks of android apps In: Proceedings of the 2012 ACM conference on Computer and communications security, pp 241–252

13.

Sarma BP, Li N, Gates C, Potharaju R, Nita-Rotaru C, Molloy I (2012) Android permissions: a perspective combining risks and benefits. In: Proceedings of the 17th ACM symposium on Access Control Models and Technologies, pp 13–22

14.

Do Q, Martini B, Choo K-KR (2014) Enhancing user privacy on android mobile devices via permissions removal. In: 2014 47th Hawaii International Conference on System Sciences (HICSS), pp 5070–5079

15.

Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K, Siemens C (2014) DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket. In: NDSS

16.

Vidas T, Tan J, Nahata J, Tan CL, Christin N, Tague P (2014) A5: Automated analysis of adversarial android applications. In: Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, pp 39–50

17.

Chakradeo S, Reaves B, Traynor P, Enck W (2013) Mast: Triage for market-scale mobile malware analysis. In: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, pp 13–24

18.

Lindorfer M, Neugschwandtner M, Platzer C (2015) Marvin: Efficient and comprehensive mobile app classification through static and dynamic analysis. In: IEEE 39th Annual Computer Software and Applications Conference (COMPSAC), pp 422–433

19.

Elish KO, Shu X, Yao DD, Ryder BG, Jiang X (2015) Profiling user-trigger dependence for Android malware detection. Comput Secur 49:255–273CrossRef

20.

Jang J-w, Kang H, Woo J, Mohaisen A, Kim HK (2015) Andro-autopsy: anti-malware system based on similarity matching of malware and malware creator-centric information. Digit Investig 14:17–35CrossRef

21.

Zhu H, Xiong H, Ge Y, Chen E (2014) Mobile app recommendations with security and privacy awareness. In: Proceedings of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining, pp 951–960

22.

Martín I, Hernández JA, Muñoz A, Guzmán A (2018) Android malware characterization using metadata and machine learning techniques security and communication networks

23.

Parkour M (2014) Contagiodump, ed

24.

Roberts J-M (2014) Virus share, ed

25.

Virus Total (2017) Available: https://www.virustotal.com/#/home/upload

26.

Tumbleson C, Wisniewski R (2015) Apktool, ed

27.

Chia PH, Yamamoto Y, Asokan N (2012) Is this app safe?: a large scale study on application permissions and risk signals. In: Proceedings of the 21st international conference on World Wide Web, pp 311–320

28.

Android: Normal and Dangerous Permissions (2017) Available: https://developer.android.com/guide/topics/permissions/requesting.html#normal-dangerous

29.

Dietterich TG (2000) Ensemble methods in machine learning. In International workshop on multiple classifier systems. Springer, Berlin, pp 1–15CrossRef

30.

Kent JT (1983) Information gain and a general measure of correlation. Biometrika 70:163–173MathSciNetCrossRef

31.

Peiravian N, Zhu X (2013) Machine Learning for Android Malware Detection Using Permission and API Calls. In: 2013 IEEE 25th International Conference on Tools with Artificial Intelligence, pp 300–305

32.

Feizollah A, Anuar NB, Salleh R, Suarez-Tangil G, Furnell S (2017) Androdialysis: Analysis of android intent effectiveness in malware detection. Comput Secur 65:121–134CrossRef

Titel: AdDroid: Rule-Based Machine Learning Framework for Android Malware Analysis
verfasst von: Anam Mehtab
Waleed Bin Shahid
Tahreem Yaqoob
Muhammad Faisal Amjad
Haider Abbas
Hammad Afzal
Malik Najmus Saqib
Publikationsdatum: 19.08.2019
Verlag: Springer US
Erschienen in: Mobile Networks and Applications / Ausgabe 1/2020
Print ISSN: 1383-469X
Elektronische ISSN: 1572-8153
DOI: https://doi.org/10.1007/s11036-019-01248-0

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Jonas Klose/© Pine Valley Capital GmbH, Carina Kießling von der Strategieberatung Roland Berger/© Monika Walther Fotografie | ATZ, Beijing Auto Show 2024: Deutsche Hersteller wollen angreifen./© EKH-Pictures / Generated with AI / Stock.adobe.com, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

ATZelektronik

ATZelectronics worldwide

Weitere Artikel der Ausgabe 1/2020

Enhancing Efficient Link Performance in ZigBee Under Cross-Technology Interference

Uplink Resource Allocation for Multi-Cluster Internet-of-Things Deployment Underlaying Cellular Networks

A Physical-Layer Key Distribution Mechanism for IoT Networks

Applying Improved Convolutional Neural Network in Image Classification

Editorial: Advanced Techniques for Memory Forensics Analysis

Security and Privacy Issues of UAV: A Survey

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.