Abstract
Android malware has surged and grown more sophisticated, posing a great threat to users. The key challenge in detecting Android malware is how to discover its behavioral characteristics at a large scale and use them for detection. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, we first extract a very large number of static features from each Android application (or app). Second, we explain the importance of each kind of feature in Android malware detection. Third, we feed these features into three different classifiers (e.g., SVM, DT, Random Forest) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware apps and 37,581 benign Android apps. The experimental results and our analysis give insights into which discriminatory features are most effective at characterizing Android malware, for building an effective and efficient Android malware detection approach.
Acknowledgement
This work is supported by the Science and Technology Projects of Hunan Province (No. 2016JC2074), the Research Foundation of Education Bureau of Hunan Province, China (No. 16B085), the Open Research Fund of Key Laboratory of Network Crime Investigation of Hunan Provincial Colleges (No. 2017WLZC008), the National Science Foundation of China (No. 61471169), and the Key Lab of Information Network Security, Ministry of Public Security (No. C16614).
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Su, X., Shi, W., Lin, J., Wang, X. (2018). Mass Discovery of Android Malware Behavioral Characteristics for Detection Consideration. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science, vol 11065. Springer, Cham. https://doi.org/10.1007/978-3-030-00012-7_10
DOI: https://doi.org/10.1007/978-3-030-00012-7_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00011-0
Online ISBN: 978-3-030-00012-7
eBook Packages: Computer Science (R0)