DMIA: A Malware Detection System on iOS Platform

iOS is a popular operating system on Apple’s smartphones, and recent security events such as XcodeGhost have shown that it is possible to steal users' private data on iOS without being detected. We therefore present the design and implementation of a malware vetting system called DMIA. DMIA first collects runtime information from an app and then distinguishes malicious apps from normal ones using a novel machine learning model. We evaluated DMIA with 1000 apps from the official App Store. The experimental results show that DMIA is effective in detecting malware that aims to steal private data.
