Characterization of Malware Detection on Android Application

Mobile malware performs malicious activities like stealing private information, sending message SMS, reading contacts and can even harm by exploiting data. Malwares are spreading around the world and infecting not only for end users but also for large organizations and service providers. Malware classification is a vital component and works together with malware identification to prepare the right and effective malware antidote. Not only malware classification but also malware characterization is also important to inform the user and install the malware application, because user are not aware to install the several application of their device. Android application requires several permissions to work. An essential step to install an Android application into a mobile device is to allow all permissions requested by the application. An application is being installed; the system prompts a list of permissions requested by the application and asks the user to confirm the installation. Although Google announced that a security check mechanism is applied to each application uploaded to their market, the open design of the Android operating system still allows a user to install any application downloaded from an unsafe source. Nevertheless, the permission list is still the minimal defense for a user to detect whether an application could be harmful. Therefore in my research work, characterization is still needed to be completed. Malware characterization will also be performed to identify different features from the manifest file. The proposed system can be used to improve the efficiency of Android permission system for informing the user about the risks of Android permissions and applications.

[1]  J. Foster,et al.  SCanDroid: Automated Security Certification of Android , 2009 .

[2]  Igor Santos,et al.  On the automatic categorisation of android applications , 2012, 2012 IEEE Consumer Communications and Networking Conference (CCNC).

[3]  Patrick D. McDaniel,et al.  Semantically Rich Application-Centric Security in Android , 2009, 2009 Annual Computer Security Applications Conference.

[4]  Steve Hanna,et al.  Android permissions demystified , 2011, CCS '11.

[5]  Mohammad Nauman,et al.  How secure is your smartphone: An analysis of smartphone security mechanisms , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).

[6]  Gianluca Dini,et al.  MADAM: A Multi-level Anomaly Detector for Android Malware , 2012, MMM-ACNS.

[7]  Sahin Albayrak,et al.  Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications , 2011, 2011 6th International Conference on Malicious and Unwanted Software.

[8]  Paul C. van Oorschot,et al.  A methodology for empirical analysis of permission-based security models and its application to android , 2010, CCS '10.

[9]  Hahn-Ming Lee,et al.  DroidMat: Android Malware Detection through Manifest and API Calls Tracing , 2012, 2012 Seventh Asia Joint Conference on Information Security.

[10]  Patrick D. McDaniel,et al.  On lightweight mobile phone application certification , 2009, CCS.

[11]  Avik Chaudhuri,et al.  SCanDroid: Automated Security Certification of Android , 2009 .

[12]  Xingquan Zhu,et al.  Machine Learning for Android Malware Detection Using Permission and API Calls , 2013, 2013 IEEE 25th International Conference on Tools with Artificial Intelligence.

[13]  Yuval Elovici,et al.  Automated Static Code Analysis for Classifying Android Applications Using Machine Learning , 2010, 2010 International Conference on Computational Intelligence and Security.

[14]  Shigeki Goto,et al.  Detecting Android Malware by Analyzing Manifest Files , 2013 .

[15]  Patrick McDaniel,et al.  Existing Applications Interactions in Android Semantically Rich Application-Centric Security in Android , 2009 .

[16]  David A. Wagner,et al.  The Effectiveness of Application Permissions , 2011, WebApps.

[17]  Gonzalo Álvarez,et al.  MAMA: MANIFEST ANALYSIS FOR MALWARE DETECTION IN ANDROID , 2013, Cybern. Syst..

[18]  Xinwen Zhang,et al.  Apex: extending Android permission model and enforcement with user-defined runtime constraints , 2010, ASIACCS '10.

[19]  Ian H. Witten,et al.  WEKA: a machine learning workbench , 1994, Proceedings of ANZIIS '94 - Australian New Zealnd Intelligent Information Systems Conference.

[20]  Latifur Khan,et al.  A Machine Learning Approach to Android Malware Detection , 2012, 2012 European Intelligence and Security Informatics Conference.

[21]  Yajin Zhou,et al.  Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets , 2012, NDSS.