Situational Awareness Framework for Threat Intelligence Measurement of Android Malware

With the development of Internet of Things (IoT) technology, various devices are connected to the network. Mobile devices are increasingly used to remotely control these electronic products. As the importance of mobile devices increases, operating systems such as Android OS and iOS are targeted by cyber attacks. In addition, mobile devices are used to manage business data as well as private information, including text messages and contacts, so the risk of attack is also increasing. This paper proposes a threat intelligence evaluation for mobile malware from the viewpoint of situational awareness, extracting features that can detect Android malware using machine learning algorithms.
