Abstract
Android mobile devices are widely used in recent years. Due to the openness of Android, applications with malicious behavior have more opportunities to get confidential information, which can cause property damage. Most of current solutions are hard to detect these rapidly developing malicious applications with high accuracy. In this paper, a static malicious application detection method based on Sparse Bayesian Learning Algorithm and n-gram analysis is proposed to solve this problem.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bergeron, J., Debbabi, M., Desharnais, J., Erhioui, M.M., Lavoie, Y., Tawbi, N.: Static detection of malicious code in executable programs. Int. J. Req. Eng. (2001)
Dhaya, R., Poongodi, M.: Detecting software vulnerabilities in android using static analysis. In: Proceedings of ICACCCT 2015, pp. 915–918 (2015)
Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. ACM SIGPLAN Not. 49(6), 259–269 (2014)
Li, W., Ge, J., Dai, G.: Detecting malware for android platform: an SVM-based approach. In: Proceedings of CSCloud 2016, pp. 464–469 (2016)
Enck, W., Ongtang, M., Mcdaniel, P.: On lightweight mobile phone application certification. In: Proceedings of CCS 2009, pp. 235–245 (2009)
Spreitzenbarth, M., Schreck, T., Echtler, F., Arp, D., Hoffmann, J.: Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques. Int. J. Inf. Secur. 14(2), 141–153 (2015)
Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: “Andromaly”: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)
Fuchs, A.P., Chaudhuri, A., Foster, J.S.: SCanDroid: automated security certification of Android applications (2010)
Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of OSDI 2010, pp. 393–407 (2010)
Yan, L.K., Yin, H.: DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis. In: USENIX Security Symposium, p. 29 (2013)
Patel, K., Buddadev, B.: Detection and mitigation of android malware through hybrid approach. In: Abawajy, Jemal H., Mukherjea, S., Thampi, Sabu M., Ruiz-Martínez, A. (eds.) SSCC 2015. CCIS, vol. 536, pp. 455–463. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22915-7_41
Faruki, P., et al.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998–1022 (2017)
Wen, W., Mei, R., Ning, G., Wang, L.: Malware detection technology analysis and applied research of android platform. J. Commun. 35, 78–85 (2014)
Cavnar, W.B., Trenkle, J.M.: N-gram-based text categorization. In: 3rd Annual Symposium on Document Analysis and Information Retrieval, pp. 161–175 (1994)
Abou-Assaleh, T., Cercone, N., Keselj, V., Sweidan, R.: N-gram-based detection of new malicious code. In: Proceedings of COMPSAC 2004, pp. 41–42. IEEE (2004)
Moskovitch, R., et al.: Unknown malcode detection using OPCODE representation. In: Ortiz-Arroyo, D., Larsen, H.L., Zeng, D.D., Hicks, D., Wagner, G. (eds.) EuroIsI 2008. LNCS, vol. 5376, pp. 204–215. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89900-6_21
Chen, T., Yang, Y., Bo, C.: Maldetect: an android malware detection system based on abstraction of Dalvik instructions. J. Comput. Res. Dev. 53(10), 2299–2306 (2016)
Dong, H., Neng-Qiang, H.E., Ge, H.U., Qi, L.I., Zhang, M.: Malware detection method of android application based on simplification instructions. J. China Univ. Posts Telecommun. 21(23–24), 94–100 (2014)
Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273–297 (1995)
Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X.: On the automatic categorisation of Android applications. In: Proceedings of CCNC 2012, pp. 149–153 (2012)
Tipping, M.E.: Sparse bayesian learning and the relevance vector machine. JMLR.org (2001)
Ye, Y., Chen, L., Wang, D., Li, T., Jiang, Q., Zhao, M.: SBMDS: an interpretable string based malware detection system using SVM ensemble with bagging. J. Comput. Virol. 5(4), 283 (2009)
Tipping, M.E., Faul, A.C.: Fast marginal likelihood maximisation for sparse Bayesian models. In: Proceedings of AISTATS 2003, pp. 3–6 (2003)
Li, T., Dong, H., Yuan, C., Du, Y., Xu, G.: Description of Android malware feature based on Dalvik instructions. J. Comput. Res. Dev. 51(7), 1458–1466 (2014)
Liu, N., Yang, M., Zhang, S.: Detecting applications with malicious behavior in Android device based on GA and SVM. In: Proceedings of ECAE 2018 (2018)
Arp, D., Spreitzenbarth, M., Hübner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of Android malware in your pocket. In: NDSS (2014)
Acknowledgment
This work is supported by the National Key Research and Development Program (No. 2017YFB0802302), the National Natural Science Foundation of China (No. 61572086, No. 61402058), Sichuan innovation team of quantum security communication (No. 17TD0009), Sichuan academic and technical leaders training funding support projects (No. 201612008010264), Application Foundation Project of Sichuan Province of China (No. 2017JY0168).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, N. et al. (2018). Detection of Android Applications with Malicious Behavior Based on Sparse Bayesian Learning Algorithm. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11067. Springer, Cham. https://doi.org/10.1007/978-3-030-00018-9_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-00018-9_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00017-2
Online ISBN: 978-3-030-00018-9
eBook Packages: Computer ScienceComputer Science (R0)