Published in: International Journal of Information Security 2/2018

01.02.2017 | Regular Contribution

Structural analysis and detection of android botnets using machine learning techniques

Written by: G. Kirubavathi, R. Anitha


Abstract

Nowadays, smartphone devices are an integral part of our lives since they enable us to access a large variety of services, from personal to banking. The worldwide popularity and adoption of smartphone devices continue to approach the capabilities of traditional computing environments. Computer malware such as botnets is becoming an emerging threat to users and network operators, especially on popular platforms such as Android. Due to the rapid growth of botnet applications, there is a pressing need to develop an effective solution to detect them. Most existing detection techniques can detect only malicious Android applications; they cannot detect Android botnet applications. In this paper, we propose a structural analysis-based learning framework, which adopts machine learning techniques to classify botnet and benign applications using unique patterns of requested permissions and used features that relate to botnet characteristics. The experimental evaluation based on real-world benchmark datasets shows that the selected patterns can achieve high detection accuracy with a low false positive rate. The experimental and statistical tests show that the support vector machine classifier performs well compared to other classification algorithms.


Metadata
Title
Structural analysis and detection of android botnets using machine learning techniques
Authors
G. Kirubavathi
R. Anitha
Publication date
01.02.2017
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 2/2018
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-017-0363-3
