论文信息 - Clustering-based anomaly detection for smartphone applications

Clustering-based anomaly detection for smartphone applications

Nowadays, Smartphones have been widely used due to their capabilities in communication and multimedia processing. Smartphones provide access to a tremendous amount of sensitive information related to business, such as customer contacts, financial data, and Intranet networks. Hence, the Internet of the future will be mobile Internet. However, threat of malicious software has become an important factor in the smartphones security. In this paper, a new behavior-based malware detection framework using three clustering methods (PAM, DBSCAN and t-distribution) is proposed. Experimental results show that the approach has high detection rate and low rate of false positive and false negative.

Rida Khatoun | Marc Lemercier | Ali El Attar

[1] Somesh Jha,et al. Static Analysis of Executables to Detect Malicious Patterns , 2003, USENIX Security Symposium.

[2] Christopher Krügel,et al. Limits of Static Analysis for Malware Detection , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[3] Zengyou He,et al. Discovering cluster-based local outliers , 2003, Pattern Recognit. Lett..

[4] Geoffrey J. McLachlan,et al. Robust mixture modelling using the t distribution , 2000, Stat. Comput..

[5] M. J. van der Laan,et al. A new partitioning around medoids algorithm , 2003 .

[6] Sahin Albayrak,et al. Enhancing security of linux-based android devices , 2008 .

[7] Hans-Peter Kriegel,et al. A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise , 1996, KDD.

[8] Yuval Elovici,et al. “Andromaly”: a behavioral malware detection framework for android devices , 2012, Journal of Intelligent Information Systems.

[9] Wang Peng,et al. Research on Adaptive Parameters Determination in DBSCAN Algorithm , 2012 .

[10] Somesh Jha,et al. Mining specifications of malicious behavior , 2008, ISEC '08.

[11] M. Amer,et al. Nearest-Neighbor and Clustering based Anomaly Detection Algorithms for RapidMiner , 2012 .