Top

Published in:

2014 | OriginalPaper | Chapter

DroidCollector: A Honeyclient for Collecting and Classifying Android Applications

Authors : Laurent Delosières, Antonio Sánchez

Published in: Information Sciences and Systems 2014

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

With the tremendous increase of Android malware, we need an automatic way of collecting Android applications and identifying the malware before they get installed on the end-user devices. In this paper, we propose a honeyclient for Android applications that will collect and classify Android applications. We first present an overview of the honeyclient. Then, we survey the different ways of infecting Android mobile devices which will shed the light on the honeyclient’s design. Finally, we describe every component of the honeyclient, namely a crawler to build a list of suspicious URLs, a client to visit the suspicious URLs, extract Android applications and analyze them, and a malware detector to classify the collected Android applications. We use a light version of the Android browser to visit the suspicious URLs enabling us to scale the visits up and an Android emulator to analyze the Android applications. As for the malware detector, we use a combination of misuse and anomaly detector allowing us to detect already known malware and new variants.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Cryptanalysis of a Cryptographic Algorithm that Utilizes Chaotic Neural Networks

next chapter Real Time Wireless Packet Monitoring with Raspberry Pi Sniffer

Android under siege: Popularity comes at a price (2012). Available: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-3q-2012-security-roundup-android-under-siege-popularity-comes-at-a-price.pdf

H. Gascon, F. Yamaguchi, D. Arp, and K. Rieck, Structural detection of android malware using embedded call graphs, in Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security, ser. AISec ’13. New York, NY, USA: ACM, 2013, pp. 45–54. Available: http://doi.acm.org/10.1145/2517312.2517315

M. H. Daniel Arp, Michael Spreitzenbarth, K. R. Hugo Gascon, Drebin: Efficient and explainable detection of android malware in your pocket, in Proceedings of 17th Network and Distributed System Security Symposium (NDSS), 2014

V. B. de Oliveira, Honeypotlabsac: Um framework de honeypot virtual para o android, Master’s thesis, PPGEE/UFMA, June 2012

T. J. O’Connor, B. Sangster, honeym: A framework for implementing virtual honeyclients for mobile devices, in Proceedings of the Third ACM Conference on Wireless Network Security, ser. WiSec ’10. New York, NY, USA: ACM, 2010, pp. 129–138. Available: http://doi.acm.org/10.1145/1741866.1741888

Google play, 2013. Available: https://play.google.com/store

Amazon appstore for android, 2013. Available: http://www.amazon.com/mobile-apps/b?ie=UTF8&node=2350149011

Getjar, 2013. Available: http://www.getjar.com/

The webkit open source project, 2014. Available: http://www.webkit.org/

10.

Cve details, 2013. Available: http://www.cvedetails.com/product/19997/Google-Android.html

11.

Obad.a trojan now being distributed via mobile botnets, 2013. Available: http://www.securelist.com/en/blog/8131/Obad_a_Trojan_now_being_distributed_via_mobile_botnets

12.

Symantec internet security threat report—2011, 2011. Available: http://www.symantec.com/threatreport/topic.jsp?id=threatreport&aid=malicious_code_trends_report

13.

The platform millions of websites are buitl on, 2013. Available: http://www.joomla.org/

14.

Wordpress.org, 2013. Available: http://wordpress.org/

15.

L. Delosières, D. García, Infrastructure for detecting android malware, in Information Sciences and Systems 2013, ser. Lecture Notes in Electrical Engineering, E. Gelenbe, R. Lent, (eds.) Springer International Publishing, 2013, vol. 264, pp. 389–398. Available: http://dx.doi.org/10.1007/978-3-319-01604-7_38

16.

Y.-W. Chen, C.-J. Lin, Combining SVMS with Various Feature Selection Strategies, in Feature Extraction, Foundations and Applications (Springer, Berlin, 2006), pp. 315–324

17.

C. Cortes, V. Vapnik, Support-vector networks, Machine Learning, 20(3), pp. 273–297, 1995. Available: http://dx.doi.org/10.1007/BF00994018

18.

nprotect, 2014. Available: http://nos.nprotect.com/

19.

Bytehero, 2014. Available: www.bytehero.com/pages/english.html

20.

Malwarebytes, 2014. Available: https://www.malwarebytes.org/

21.

Hacksoft, 2014. Available: http://www.hacksoft.com.pe/

22.

“Superantispyware”, 2014. [Online]. Available: http://www.superantispyware.com/

Title: DroidCollector: A Honeyclient for Collecting and Classifying Android Applications
Authors: Laurent Delosières
Antonio Sánchez
Publisher: Springer International Publishing
Book: Information Sciences and Systems 2014
Print ISBN: 978-3-319-09464-9

Electronic ISBN: 978-3-319-09465-6

Copyright Year: 2014
DOI: https://doi.org/10.1007/978-3-319-09465-6_19

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner