Evaluating Mobile Malware by Extracting User Experience-Based Features

The perception the user has about the performances of an application could determine the success of the application in the marketplace. The research community has made many efforts to understand out how to measure the user experience of mobile applications. In this paper we apply a set of features, typically used to evaluate mobile user experience UX, with the aim at understanding whether there are differences in terms of usability between trusted and malware mobile samples. As a side effect we evaluate whether the feature set is useful to discriminate mobile malware. The experiment suggests that malware samples exhibit a better UX than legitimate ones. Furthermore we obtain, training several classifiers from UX-based features, a precision of 0.97i?źin malware identification.

[1]  Gerardo Canfora,et al.  Mobile malware detection using op-code frequency histograms , 2015, 2015 12th International Joint Conference on e-Business and Telecommunications (ICETE).

[2]  Lei Liu,et al.  VirusMeter: Preventing Your Cellphone from Spies , 2009, RAID.

[3]  Sahin Albayrak,et al.  An Android Application Sandbox system for suspicious software detection , 2010, 2010 5th International Conference on Malicious and Unwanted Software.

[4]  Kang G. Shin,et al.  Detecting energy-greedy anomalies and mobile malware variants , 2008, MobiSys '08.

[5]  Gerardo Canfora,et al.  Composition-Malware: Building Android Malware at Run Time , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[6]  Eduardo Juárez Martínez,et al.  Maximizing the user experience with energy-based fair sharing in battery limited mobile systems , 2013, IEEE Transactions on Consumer Electronics.

[7]  Gerardo Canfora,et al.  A Case Study of Automating User Experience-Oriented Performance Testing on Smartphones , 2013, 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation.

[8]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[9]  Gerardo Canfora,et al.  A Classifier of Malicious Android Applications , 2013, 2013 International Conference on Availability, Reliability and Security.

[10]  Thomas Schreck,et al.  Mobile-sandbox: having a deeper look into android applications , 2013, SAC '13.

[11]  Yuval Elovici,et al.  Intrusion detection for mobile devices using the knowledge-based, temporal abstraction method , 2010, J. Syst. Softw..

[12]  Shivakant Mishra,et al.  Location based power analysis to detect malicious code in smartphones , 2011, SPSM '11.

[13]  Yuval Elovici,et al.  “Andromaly”: a behavioral malware detection framework for android devices , 2012, Journal of Intelligent Information Systems.

[14]  Konrad Rieck,et al.  DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[15]  Luc Martens,et al.  A software tool to relate technical performance to user experience in a mobile context , 2008, 2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks.