Real-Time Behavior Analysis and Identification for Android Application

The number of applications based on the Android platform is increasing rapidly. However, because the supervision and review of Android applications are inadequate, there is a reasonable chance that users will download malware, which can lead to information leakage, monetary loss, and other damage. A variety of applications currently exist for detecting malware, but most of them cannot show specific malicious behaviors. Moreover, this detection software relies on a database of viruses and therefore cannot identify unknown malware. To solve these problems, we implemented a system that detects the behaviors of Android applications and identifies known or unknown malware. Our system monitors specified applications by loading a kernel module. After the detection process, the related documents are uploaded to the server, where the dynamic behaviors are reconstructed and a behavior diagram is generated. In addition, if the user needs to know whether the application is malware, the related Android package is sent to the server and analyzed; the server then calculates the results and returns them to the client.
