RoughDroid: Operative Scheme for Functional Android Malware Detection

Thousands of malicious applications invade the Google Play Store every day while appearing to be legitimate applications. These malicious applications have the ability to link to the malware known as Dresscode, which was created for network hacking as well as scrolling information. Since Android smartphones are indispensable, there should be an efficient and also unusual protection. Therefore, Android smartphones usually continue to be safeguarded from novel malware. In this paper, we propose RoughDroid, a floppy analysis technique that can discover Android malware applications directly on the smartphone. RoughDroid is based on seven feature sets ( ) from the XML manifest file of an Android application, plus three feature sets ( and ) from the Dex file. Those feature sets pass through the Rough Set algorithm to elastically classify the Android application as either benign or malicious. The experimental results mainly consider the 20 most common malware families, plus three new malware families (Grabos, TrojanDropper.Agent.BKY, and AsiaHitGroup) that invaded the Google Play Store in 2017. According to the experimental results, RoughDroid achieves 95.6% detection performance for the malware families at a 1% false-positive rate. Finally, RoughDroid is a lightweight approach for directly examining downloaded applications on the smartphone.
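The following sketch illustrates rough-set classification over binary app features of the kind the abstract describes; it is an added example, not RoughDroid's code. The feature names, training rows and the three-way decision rule are constructed assumptions, since the abstract does not list the feature sets.

```python
from collections import defaultdict

# Assumed, illustrative features: three manifest-derived, one Dex-derived.
FEATURES = ("perm_SEND_SMS", "perm_READ_CONTACTS",
            "receiver_BOOT_COMPLETED", "dex_uses_reflection")

# Constructed training rows: (feature vector, label).
TRAINING = [
    ((1, 1, 1, 1), "malicious"),
    ((1, 1, 1, 1), "malicious"),
    ((1, 0, 1, 0), "malicious"),
    ((1, 0, 1, 0), "benign"),     # same features, conflicting label
    ((0, 1, 0, 0), "benign"),
    ((0, 0, 0, 0), "benign"),
    ((1, 1, 0, 1), "malicious"),
]

def indiscernibility_classes(rows):
    """Group apps that cannot be told apart by their feature vectors."""
    classes = defaultdict(list)
    for vec, label in rows:
        classes[vec].append(label)
    return classes

def approximations(rows, target="malicious"):
    """Lower: classes that are purely `target`. Upper: classes containing any."""
    lower, upper = {}, {}
    for vec, labels in indiscernibility_classes(rows).items():
        if any(l == target for l in labels):
            upper[vec] = len(labels)
            if all(l == target for l in labels):
                lower[vec] = len(labels)
    return lower, upper

def approximation_accuracy(rows, target="malicious"):
    """Pawlak accuracy: objects in lower approximation / objects in upper."""
    lower, upper = approximations(rows, target)
    return sum(lower.values()) / sum(upper.values())

def classify(vec, rows, target="malicious"):
    """Three-way decision: certain, boundary (needs more analysis), or benign."""
    lower, upper = approximations(rows, target)
    if vec in lower:
        return "malicious"
    if vec in upper:
        return "boundary"
    # Vectors never seen in training are reported separately, not assumed safe.
    return "benign" if vec in indiscernibility_classes(rows) else "unknown"

if __name__ == "__main__":
    for v in [(1, 1, 1, 1), (1, 0, 1, 0), (0, 1, 0, 0), (0, 1, 1, 1)]:
        print(dict(zip(FEATURES, v)), "->", classify(v, TRAINING))
    print("accuracy:", approximation_accuracy(TRAINING))
```

The boundary region is where conflicting labels share one feature vector, which is the case a rough-set classifier handles explicitly instead of forcing a hard benign or malicious verdict.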