Malware Detection in Android files based on Multiple levels of Learning and Diverse Data Sources

Smart mobile device usage has expanded at a very high rate all over the world. Mobile devices have shifted rapidly from pure telecommunication devices to small ubiquitous computing platforms. They run sophisticated operating systems that must confront the same risks as desktop computers, with Android the platform most targeted by malware. Processing power is one of the factors that differentiate PCs from mobile phones. Mobile phones are more compact, and therefore limited in memory, and depend on limited battery power for their energy needs. Hence, developing apps to run on these devices should take these factors into consideration. To improve the speed of detection, a multilevel detection mechanism using diverse data sources is designed for detecting malware, balancing the accuracy of detection against the use of less compute-intensive computations. In this work we have analyzed Android-based malware and designed a multilevel detection mechanism using diverse data sources. We have evaluated our work on a collection of Android-based malware comprising different malware families, and our results show that the proposed method is faster with good performance.
