Article

Kernel-based Behavior Analysis for Android Malware Detection

Authors:

Takamasa Isohara,

Keisuke Takemori,

Ayumu KubotaAuthors Info & Claims

CIS '11: Proceedings of the 2011 Seventh International Conference on Computational Intelligence and Security

Pages 1011 - 1015

https://doi.org/10.1109/CIS.2011.226

Published: 03 December 2011 Publication History

Abstract

The most major threat of Android users is malware infection via Android application markets. In case of the Android Market, as security inspections are not applied for many users have uploaded applications. Therefore, malwares, e.g., Geimini and Droid Dream will attempt to leak personal information, getting root privilege, and abuse functions of the smart phone. An audit framework called log cat is implemented on the Dalvik virtual machine to monitor the application behavior. However, only the limited events are dumped, because an application developers use the log cat for debugging. The behavior monitoring framework that can audit all activities of applications is important for security inspections on the market places. In this paper, we propose a kernel-base behavior analysis for android malware inspection. The system consists of a log collector in the Linux layer and a log analysis application. The log collector records all system calls and filters events with the target application. The log analyzer matches activities with signatures described by regular expressions to detect a malicious activity. Here, signatures of information leakage are automatically generated using the smart phone IDs, e.g., phone number, SIM serial number, and Gmail accounts. We implement a prototype system and evaluate 230 applications in total. The result shows that our system can effectively detect malicious behaviors of the unknown applications.

Cited By

View all

Fu XJiang CLi CLi JZhu XLi F(2024)A hybrid approach for Android malware detection using improved multi-scale convolutional neural networks and residual networksExpert Systems with Applications: An International Journal10.1016/j.eswa.2024.123675249:PBOnline publication date: 1-Sep-2024
https://dl.acm.org/doi/10.1016/j.eswa.2024.123675
Joshi YTiwari N(2023)A Comprehensive Survey on Malware Detection TechniquesProceedings of the 5th International Conference on Information Management & Machine Intelligence10.1145/3647444.3647830(1-6)Online publication date: 23-Nov-2023
https://dl.acm.org/doi/10.1145/3647444.3647830
Bakır HBakır R(2023)DroidEncoderComputers and Electrical Engineering10.1016/j.compeleceng.2023.108804110:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.compeleceng.2023.108804
Show More Cited By

Recommendations

Android Applications Repackaging Detection Techniques for Smartphone Devices

The problem of malwares affecting Smartphones has been widely recognized by the researchers across the world. Majority of these malwares target Android OS. Studies have found that most of the Android malwares hide inside repackaged apps to get inside ...
Android Malware Detection via a Latent Network Behavior Analysis
TRUSTCOM '12: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications

The rapid growth of smartphones has lead to a renaissance for mobile application services. Android and iOS now as the most popular smartphone platforms offer a public marketplace respectively, the Android Market and App Store- but operate with ...
Hartley's test ranked opcodes for Android malware analysis
SIN '15: Proceedings of the 8th International Conference on Security of Information and Networks

The popularity and openness of Android platform encourage malware authors to penetrate various market places with malicious applications. As a result, malware detection has become a critical topic in security. Currently signature-based system is able to ...

Comments

Information & Contributors

Information

Published In

CIS '11: Proceedings of the 2011 Seventh International Conference on Computational Intelligence and Security

December 2011

1598 pages

ISBN:9780769545844

Publisher

IEEE Computer Society

United States

Publication History

Published: 03 December 2011

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fu XJiang CLi CLi JZhu XLi F(2024)A hybrid approach for Android malware detection using improved multi-scale convolutional neural networks and residual networksExpert Systems with Applications: An International Journal10.1016/j.eswa.2024.123675249:PBOnline publication date: 1-Sep-2024
https://dl.acm.org/doi/10.1016/j.eswa.2024.123675
Joshi YTiwari N(2023)A Comprehensive Survey on Malware Detection TechniquesProceedings of the 5th International Conference on Information Management & Machine Intelligence10.1145/3647444.3647830(1-6)Online publication date: 23-Nov-2023
https://dl.acm.org/doi/10.1145/3647444.3647830
Bakır HBakır R(2023)DroidEncoderComputers and Electrical Engineering10.1016/j.compeleceng.2023.108804110:COnline publication date: 1-Sep-2023
https://dl.acm.org/doi/10.1016/j.compeleceng.2023.108804
Acharya SRawat UBhatnagar R(2022)A Comprehensive Review of Android SecuritySecurity and Communication Networks10.1155/2022/77759172022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/7775917
Wang ZWang WYang YHan ZXu DSu C(2022)CNN‐ and GAN‐based classification of malicious code familiesInternational Journal of Intelligent Systems10.1002/int.2309437:12(12472-12489)Online publication date: 25-Oct-2022
https://dl.acm.org/doi/10.1002/int.23094
Zhou QFeng FShen ZZhou RHsieh MLi K(2019)A novel approach for mobile malware classification and detection in Android systemsMultimedia Tools and Applications10.1007/s11042-018-6498-z78:3(3529-3552)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s11042-018-6498-z
Bernardi MCimitile MDistante DMartinelli FMercaldo F(2019)Dynamic malware detection and phylogeny analysis using process miningInternational Journal of Information Security10.1007/s10207-018-0415-318:3(257-284)Online publication date: 25-May-2019
https://dl.acm.org/doi/10.1007/s10207-018-0415-3
Moonsamy VAlazab MBatten L(2018)Towards an understanding of the impact of advertising on data leaksInternational Journal of Security and Networks10.1504/IJSN.2012.0525407:3(181-193)Online publication date: 16-Dec-2018
https://dl.acm.org/doi/10.1504/IJSN.2012.052540
Rahman N(2018)Privacy disclosure riskInternational Journal of Mobile Network Design and Innovation10.1504/IJMNDI.2013.0571475:1(2-8)Online publication date: 13-Dec-2018
https://dl.acm.org/doi/10.1504/IJMNDI.2013.057147
Wang HHe HZhang W(2018)DemadroidSecurity and Communication Networks10.1155/2018/70641312018Online publication date: 31-May-2018
https://dl.acm.org/doi/10.1155/2018/7064131
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Recommendations

Android Applications Repackaging Detection Techniques for Smartphone Devices

Android Malware Detection via a Latent Network Behavior Analysis

Hartley's test ranked opcodes for Android malware analysis

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Get Access

Login options

Full Access

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations