Abstract
Smartphones have become a popular target for cyberattacks. Malware can be embedded into the mobile applications. Several techniques have been proposed to alleviate these problems. However, these solutions may perform experiments by using simulated data, or may require root system privileges, or did not take advantage of the discovered patterns to build more effective malware detection methods. In this paper, we use the SherLock data which is a labeled smartphone dataset that captures ongoing attacks within the low-privileged monitorable features. We analyze the usage behaviors, discover temporal and usage patterns, and further examine multiple classification techniques to predict the type and the running state (i.e., benign and malicious) of the mobile apps by using different combinations of feature sets. Our experiments identified the best feature sets and methods to detect malwares, and we demonstrate the usefulness of temporal information in the predictive analysis.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amos, B., Turner, H., White, J.: Applying machine learning classifiers to dynamic Android malware detection at scale. In: 2013 9th International Wireless Communications and Mobile Computing Conference, IWCMC, pp. 1666–1671. IEEE (2013)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for Android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM (2011)
Chang, S.-W., Cheng, S.-W., Hsiu, P.-C., Kuo, T.-W., Lin, C.-W.: Application behavior analysis in resource consumption for mobile devices. In: Proceedings of the 29th Annual ACM Symposium on Applied Computing, pp. 1469–1474. ACM (2014)
Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.-G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)
Felt, A.P., Ha, E., Egelman, S., Haney, A., Chin, E., Wagner, D.: Android permissions: user attention, comprehension, and behavior. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, p. 3. ACM (2012)
Guo, Y., Gu, S.: Multi-label classification using conditional dependency networks. In: IJCAI Proceedings, vol. 22, p. 1300 (2011)
Idika, N., Mathur, A.P.: A survey of malware detection techniques, p. 48. Purdue University (2007)
Jiang, X., Zhou, Y.: Dissecting Android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95–109. IEEE (2012)
Kolosnjaji, B., Zarras, A., Webster, G., Eckert, C.: Deep learning for classification of malware system call sequences. In: Australasian Joint Conference on Artificial Intelligence, pp. 137–149. Springer (2016)
Mirsky, Y., Shabtai, A., Rokach, L., Shapira, B., Elovici, Y.: Sherlock vs moriarty: a smartphone dataset for cybersecurity research. In: Proceedings of the 2016 ACM Workshop on Artificial Intelligence and Security, pp. 1–12. ACM (2016)
Narudin, F.A., Feizollah, A., Anuar, N.B., Gani, A.: Evaluation of machine learning classifiers for mobile malware detection. Soft Comput. 20(1), 343–357 (2016)
Nix, R., Zhang, J.: Classification of Android apps and malware using deep neural networks. In: International Joint Conference on Neural Networks, pp. 1871–1878. IEEE (2017)
Read, J., Pfahringer, B., Holmes, G., Frank, E.: Classifier chains for multi-label classification. In: Joint European Conference on Machine Learning and Knowledge Discovery in Databases, pp. 254–269. Springer (2009)
Shamili, A.S., Bauckhage, C., Alpcan, T.: Malware detection on mobile devices using distributed machine learning. In: 2010 20th International Conference on Pattern Recognition, ICPR, pp. 4348–4351. IEEE (2010)
Shen, Y., Evans, N., Benameur, A.: Insights into rooted and non-rooted Android mobile devices with behavior analytics. In: Proceedings of the 31st Annual ACM Symposium on Applied Computing, pp. 580–587. ACM (2016)
Shin, C., Hong, J.-H., Dey, A.K.: Understanding and prediction of mobile application usage for smart phones. In: Proceedings of the 2012 ACM Conference on Ubiquitous Computing, pp. 173–182. ACM (2012)
Tang, L.-Y., Hsiu, P.-C., Huang, J.-L., Chen, M.-S.: iLauncher: an intelligent launcher for mobile apps based on individual usage patterns. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing, pp. 505–512. ACM (2013)
Tsoumakas, G., Katakis, I.: Multi-label classification: an overview. Int. J. Data Warehous. Min. (IJDWM) 3(3), 1–13 (2007)
Zheng, Y., Srinivasan, S., Taehun, K.: Exploratory malware analysis of mobile usages. In: Proceedings of the 19th Annual SIG Conference on Information Technology Education, pp. 158–158. ACM (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Zheng, Y., Srinivasan, S. (2020). Mobile App and Malware Classifications by Mobile Usage with Time Dynamics. In: Barolli, L., Takizawa, M., Xhafa, F., Enokido, T. (eds) Advanced Information Networking and Applications. AINA 2019. Advances in Intelligent Systems and Computing, vol 926. Springer, Cham. https://doi.org/10.1007/978-3-030-15032-7_50
Download citation
DOI: https://doi.org/10.1007/978-3-030-15032-7_50
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15031-0
Online ISBN: 978-3-030-15032-7
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)