
2019 | OriginalPaper | Chapter

Android Malware Detection Using Code Graphs

Authors: Shikha Badhani, Sunil Kumar Muttoo

Published in: System Performance and Management Analytics

Publisher: Springer Singapore


Abstract

The amount of Android malware is increasing faster every year along with the growing popularity of the Android platform. Hence, detection and analysis of Android malware have become a critical topic in the area of computer security. This paper proposes a novel method of detecting Android malware that uses the semantics of the code in the form of code graphs extracted from Android apps. These code graphs are then used for classifying Android apps as benign or malicious by using the Jaccard index of the code graphs as a similarity metric. We have also evaluated the code graphs of real-world Android apps by using the k-NN classifier with Jaccard distance as the distance metric for classification. The results of our experiment show that the code graphs of Android apps can be used effectively to detect Android malware with the k-NN classifier, giving a high accuracy of 98%.
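The classification step the abstract describes, as an added sketch that is not the authors' code: each code graph is assumed to be a set of directed (caller, callee) edges, the sample graphs and labels are constructed for illustration, and `k=3` with a nearest-neighbour tie-break is a choice made here, not a value from the chapter.

```python
from collections import Counter

def jaccard_index(a, b):
    """|A ∩ B| / |A ∪ B| over two edge sets; two empty graphs count as identical."""
    union = a | b
    return 1.0 if not union else len(a & b) / len(union)

def jaccard_distance(a, b):
    """Distance used by the k-NN step: 1 minus the Jaccard index."""
    return 1.0 - jaccard_index(a, b)

def knn_classify(query, training, k=3):
    """Majority vote among the k labelled graphs nearest to `query`."""
    ranked = sorted(training, key=lambda item: jaccard_distance(query, item[0]))
    votes = Counter(label for _, label in ranked[:k]).most_common()
    # Assumption: on a tied vote, fall back to the single nearest neighbour.
    if len(votes) > 1 and votes[0][1] == votes[1][1]:
        return ranked[0][1]
    return votes[0][0]

def graph(*edges):
    """Hypothetical helper: a code graph as a frozenset of (caller, callee) edges."""
    return frozenset(edges)

# Constructed training set (not data from the chapter).
TRAINING = [
    (graph(("onCreate", "setContentView"), ("onClick", "startActivity"),
           ("onCreate", "findViewById")), "benign"),
    (graph(("onCreate", "setContentView"), ("onCreate", "findViewById"),
           ("onResume", "query")), "benign"),
    (graph(("onCreate", "setContentView"), ("onClick", "startActivity"),
           ("onResume", "query")), "benign"),
    (graph(("onReceive", "getDeviceId"), ("onReceive", "sendTextMessage"),
           ("onCreate", "setContentView")), "malicious"),
    (graph(("onReceive", "getDeviceId"), ("onReceive", "sendTextMessage"),
           ("onReceive", "abortBroadcast")), "malicious"),
]

# Constructed unknown app: shares two edges with each malicious sample.
QUERY = graph(("onReceive", "getDeviceId"), ("onReceive", "sendTextMessage"),
              ("onCreate", "findViewById"))

if __name__ == "__main__":
    for edges, label in TRAINING:
        print(f"{label:9s} distance={jaccard_distance(QUERY, edges):.2f}")
    print("verdict:", knn_classify(QUERY, TRAINING))
```

Because the metric only counts shared edges, two apps with the same behaviour but renamed or restructured call sites score as dissimilar, so edge labels need to be normalised consistently before comparison.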


Metadata
Title
Android Malware Detection Using Code Graphs
Authors
Shikha Badhani
Sunil Kumar Muttoo
Copyright Year
2019
Publisher
Springer Singapore
DOI
https://doi.org/10.1007/978-981-10-7323-6_17
