Abstract
The rapid growth of smartphones has lead to a renaissance in mobile application services. Android and iOS,currently the most popular smartphone platforms, each offer
their own public marketplace, i.e., the Android Market and App Store; however, each OS uses a dramatically different approach to prevent the occurrence of malware on their respective devices. In the Android platform, a developer can not only deliver their apps directly to the Android market without a strict review process but also add them to a nonofficial but verified app marketplace (i.e., Applanet, AppBrain,etc). In this study, we propose an automatic malware detection mechanism for the Android platform based on the results from sandbox. We extracted network spatial features of Android apps and used independent component analysis (ICA) to determine the intrinsic domain name resolution behavior of Android malware. The proposed mechanism can identify Android malware automatically. A public Android malware app dataset and popular benign apps collected from the Android Market are used for evaluating the effectiveness of the proposed approach in terms of its grouping ability and effectiveness in identifying Android malware. The proposed approach successfully identifies malicious Android Apps with
nearly 100% accuracy, precision, and recall rate.
AbstractThe rapid growth of smartphones has lead to a renaissance in mobile application services. Android and iOS,currently the most popular smartphone platforms, each offertheir own public marketplace, i.e., the Android Market and App Store; however, each OS uses a dramatically different approach to prevent the occurrence of malware on their respective devices. In the Android platform, a developer can not only deliver their apps directly to the Android market without a strict review process but also add them to a nonofficial but verified app marketplace (i.e., Applanet, AppBrain,etc). In this study, we propose an automatic malware detection mechanism for the Android platform based on the results from sandbox. We extracted network spatial features of Android apps and used independent component analysis (ICA) to determine the intrinsic domain name resolution behavior of Android malware. The proposed mechanism can identify Android malware automatically. A public Android malware app dataset and popular benign apps collected from the Android Market are used for evaluating the effectiveness of the proposed approach in terms of its grouping ability and effectiveness in identifying Android malware. The proposed approach successfully identifies malicious Android Apps withnearly 100% accuracy, precision, and recall rate.
การแปล กรุณารอสักครู่..