skip to main content
10.1145/3014812.3014888acmotherconferencesArticle/Chapter ViewAbstractPublication Pagesaus-cswConference Proceedingsconference-collections
research-article

Target: category-based android malware detection revisited

Published: 31 January 2017 Publication History

Abstract

Smartphones are becoming increasingly popular in daily routines around the world. However, malware in smartphones is getting more prevalent, and will introduce potential risks to smartphone users. In this paper, we propose a new system, called Target, for detecting malware in the Android operating system, featuring both static and dynamic analysis. Our static analysis is based on user permissions, signatures and source code, and our dynamic analysis is based on the behavior of running mobile applications. A highlight of Target is its ability to reduce the probability of false positives based on the category of applications. Target first generates risk values of the mobile application being analyzed, indicating the degree of risks involved. It then uses a machine learning algorithm, named OKNN, to determine which class an application belongs to. Compared to previous work, Target is able to achieve a significant improvement in terms of malware detection accuracy.

References

[1]
Cisco 2014 Annual Security Report. http://www.cisco.com
[2]
Wei, X., Gomez, L., Neamtiu, I., Faloutsos, M.: Permission evolution in the android ecosystem. In: Proc. ACM ACSAC Conf. Annual Computer Security Applications, pp. 31--40 (2012)
[3]
Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proc. 16th ACM Conf. Comput. Commun. Security, pp. 235--245 (2009)
[4]
Sarma, B. P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: A perspective combining risks and benefits. In: Proc. 17th ACM Symp. Access Control Models Technol, pp. 13--22 (2012)
[5]
Andoor, J. T.: A Filtering Based Android Malware Detection System for Google PlayStore. In: Proc. the 3rd Int. Conf. on Front. of Intell. Comput, pp. 559--566 (2014)
[6]
Aung, Z., Zaw, W.: Permission bases Android Malware Detection. In: International Journal of Scientific & Technology Research (2013)
[7]
Feng, Y., Anand, S., Dillig, I., Aiken, A.: Apposcopy: Semantics-Based Detection of Android Malware through Static Analysis. In: Proc. ACM Conf. FSE, pp. 576--587 (2014)
[8]
Enck, W. et al: TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones. In: ACM Transactions on Computer Systems (2014)
[9]
Liu, X., Liu, J.: A Two-layered Permission-based Android Malware Detection Scheme. In: Proc. 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (2014)
[10]
dex2jar. https://sourceforge.net/p/dex2jar/wiki/UserGuide/
[11]
JD-GUI. http://jd.benow.ca
[12]
Droidbox. https://code.google.com/archive/p/droidbox/
[13]
Idrees, F., Rajarajan, M.: Investigating the Android Intents and Permissions for Malware detection. In: Proc. 10th IEEE Conf. WiMob, pp. 354--358 (2014)
[14]
Liang, S., Du, X.: Permission-Combination-based Scheme for Android Mobile Malware Detection. In: Proc. IEEE Conf. ICC, pp. 2301--2306 (2014)
[15]
Cen, L., Gates, C. S., Si, L., Li, N.: A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code. In: IEEE Transactions on Dependable and Secure Computing (2015)
[16]
Burguera, I., Zurutuza, U., Tehrani, S. N.: Crowdroid: Behavior-Based Malware Detection System for Android. In: Proc. 1st ACM Conf. Security and privacy in smartphones and mobile devices, pp. 150--26 (2011)
[17]
Grace, M., Zhou, Y., Zhang, Q., Zou, S., Jiang, X.: Riskranker: scalable and accurate zero-day android malware detection. In: Proc. 1st ACM Conf. Mobile Systems, Applications, and Services, pp. 281--294 (2012)
[18]
Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets. In: Proc. 19th Annu. Netw. Distrib. Syst. Security Symp, pp. 1--24 (2012)
[19]
Wang, D., Dai, S., Ding, Y., Li, T., Han, X.: POSTER: AdHoneyDroid - Capture Malicious Android Advertisements. In: Proc. 14th ACM Conf. CCS, pp. 1514--1516 (2014)
[20]
Li, S. et al: Real-Time Monitoring of Privacy Abuses and Intrusion Detection in Android System. In: Proc. HAS, part of HCI, pp. 379--390 (2015)
[21]
Zhao, S. et al: Attack Tree Based Android Malware Detection with Hybrid Analysis. In: Proc. 13th IEEE Conf. Trust, Security and Privacy in Computing and Communications, pp. 380--387 (2014)
[22]
Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann J.: Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques. In: International Journal of Information Security (2015)
[23]
Zhang, Y., Yang, M., Gu, G., Chen, H.: FineDroid: Enforcing Permissions with System-Wide Application Execution Context. In: Proc. 11th International Conference, SecureComm, pp. 3--22 (2015)
[24]
Petsas, T. et al: Rage Against the Virtual Machine: Hindering Dynamic Analysis of Android Malware. In: Proc. 14th ACM Conf. the Seventh European Workshop on System Security, pp. 1--6 (2014)
[25]
Aafer, Y., Du, W., Yin, H.: DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android. In: Proc. ICST, pp. 86--103 (2013)
[26]
Afonso, V. M. et al: Identifying Android malware using dynamically obtained features. In: Journal of Computer Virology and Hacking Techniques (2015)

Cited By

View all
  • (2024)Hybrid Android Malware Detection: A Review of Heuristic-Based ApproachIEEE Access10.1109/ACCESS.2024.337765812(41255-41286)Online publication date: 2024
  • (2023)Pragmatic Evidence on Android Malware Analysis Techniques: A Systematic Literature ReviewInternational Journal of Innovations in Science and Technology10.33411/IJIST/2023050101(1-19)Online publication date: 1-Jan-2023
  • (2022)Malicious Applications Detection in Android Using Machine LearningInternational Journal of Artificial Intelligence and Machine Learning10.51483/IJAIML.2.2.2022.21-342:2(21-34)Online publication date: 5-Jul-2022
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences
ACSW '17: Proceedings of the Australasian Computer Science Week Multiconference
January 2017
615 pages
ISBN:9781450347686
DOI:10.1145/3014812
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 January 2017

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. android malware
  2. application category
  3. risk values
  4. static and dynamic analysis

Qualifiers

  • Research-article

Conference

ACSW 2017
ACSW 2017: Australasian Computer Science Week 2017
January 30 - February 3, 2017
Geelong, Australia

Acceptance Rates

ACSW '17 Paper Acceptance Rate 78 of 156 submissions, 50%;
Overall Acceptance Rate 204 of 424 submissions, 48%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)6
  • Downloads (Last 6 weeks)1
Reflects downloads up to 25 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Hybrid Android Malware Detection: A Review of Heuristic-Based ApproachIEEE Access10.1109/ACCESS.2024.337765812(41255-41286)Online publication date: 2024
  • (2023)Pragmatic Evidence on Android Malware Analysis Techniques: A Systematic Literature ReviewInternational Journal of Innovations in Science and Technology10.33411/IJIST/2023050101(1-19)Online publication date: 1-Jan-2023
  • (2022)Malicious Applications Detection in Android Using Machine LearningInternational Journal of Artificial Intelligence and Machine Learning10.51483/IJAIML.2.2.2022.21-342:2(21-34)Online publication date: 5-Jul-2022
  • (2022)Deep-Layer Clustering to Identify Permission Usage Patterns of Android App CategoriesIEEE Access10.1109/ACCESS.2022.315608310(24240-24254)Online publication date: 2022
  • (2021)A hybrid intelligent approach to detect Android Botnet using Smart Self-Adaptive Learning-based PSO-SVMKnowledge-Based Systems10.1016/j.knosys.2021.106988222(106988)Online publication date: Jun-2021
  • (2019)Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and DirectionsIEEE Access10.1109/ACCESS.2019.29181397(67602-67631)Online publication date: 2019

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media