论文信息 - Malware detection on android smartphones using keywords vector and SVM

Malware detection on android smartphones using keywords vector and SVM

With the development of smart phones, more and more mobile phone malwares have came out in the market especially on the popular platforms such as Android, which can potentially cause harm to users' information. But how to effectively detect the new malwares and malicious software variants has been a difficult problem. In view of the traditional feature extraction method based on binary program, this paper presents a method for feature extraction of JAVA source code. The method uses the Keywords Correlation Distance to compute the correlation between key codes such as API calls, Android permissions, the common parameters, and the common key words in Android malware source code. Then SVM is applied to make the system gain to accommodate the function of the new malicious software sample, so as to detect new malicious software and existing malwares. This method is different from the conventional methods which are based on the context of the text. This method combines the characteristics of the malicious software categories and operating environment to record the behavior of the malicious software. Experiments show that the method is efficient and effective in detecting malwares on Android platform.

[1] Simin Nadjm-Tehrani,et al. Crowdroid: behavior-based malware detection system for Android , 2011, SPSM '11.

[2] J. Foster,et al. SCanDroid: Automated Security Certification of Android , 2009 .

[3] Heng Yin,et al. DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android , 2013, SecureComm.

[4] Steve Hanna,et al. Android permissions demystified , 2011, CCS '11.

[5] Yajin Zhou,et al. Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets , 2012, NDSS.

[6] Konrad Rieck,et al. DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[7] Hahn-Ming Lee,et al. DroidMat: Android Malware Detection through Manifest and API Calls Tracing , 2012, 2012 Seventh Asia Joint Conference on Information Security.

[8] Chih-Jen Lin,et al. LIBSVM: A library for support vector machines , 2011, TIST.

[9] Paul M. B. Vitányi,et al. The Google Similarity Distance , 2004, IEEE Transactions on Knowledge and Data Engineering.

[10] Yajin Zhou,et al. Detecting repackaged smartphone applications in third-party android marketplaces , 2012, CODASPY '12.

[11] Xingquan Zhu,et al. Machine Learning for Android Malware Detection Using Permission and API Calls , 2013, 2013 IEEE 25th International Conference on Tools with Artificial Intelligence.

[12] Patrick D. McDaniel,et al. On lightweight mobile phone application certification , 2009, CCS.