
Background and Related Work

  • Chapter
Android Malware Detection using Machine Learning

Part of the book series: Advances in Information Security (ADIS, volume 86)

Abstract

In this chapter, we review and compare the state-of-the-art proposals on Android malware analysis and detection according to a novel taxonomy. Due to the large number of published contributions, we focus our review on the most prominent articles in terms of novelty and contributions, with an emphasis on those published in top-tier security journals and conferences. The proposed taxonomy is based on the generality of Android malware threats. It classifies the existing systems into: (1) general malware detection, which aims to detect malware without taking into account a particular type of attack, and (2) attack-based malware detection, which aims at detecting specific attacks such as privilege escalation attacks, data leakage attacks, etc. Each threat category is further classified according to the system deployment of the detection approach, i.e., the physical environment in which the system is intended to run. We consider three main deployment architectures: workstation-based, mobile-based, and hybrid. The proposed two-level taxonomy allows an objective and appropriate analysis by comparing only systems that address the same threat category and have the same deployment architecture, as they share the same goals and have similar issues to solve.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Billah Karbab, E., Debbabi, M., Derhab, A., Mouheb, D. (2021). Background and Related Work. In: Android Malware Detection using Machine Learning. Advances in Information Security, vol 86. Springer, Cham. https://doi.org/10.1007/978-3-030-74664-3_2

  • DOI: https://doi.org/10.1007/978-3-030-74664-3_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-74663-6

  • Online ISBN: 978-3-030-74664-3

  • eBook Packages: Computer Science, Computer Science (R0)
