Towards 3-level hybrid security model for Android Operating Systems

The extensive use and rapid growth in popularity of Android phones have attracted the attention of malware developers. As a result, malware attacks on Android devices are increasing every year. In this research, we first investigate existing anti-malware techniques and identify their limitations. Second, we describe a novel 3-level hybrid malware detection model for Android operating systems, which is an open-ended project and is currently under development. It is designed to ensure accurate detection of malware through the combination of i) Static & Dynamic Analysis; ii) Local & Remote Host; and iii) Machine Learning Intelligence. Experimental results show that the 3-level hybrid malware detection model can achieve a 98.5% detection rate, which is higher than the detection rate of Drebin.
