Abstract
Battery technology seems unable to keep up with the rapid evolution of smartphones and their applications, which continuously demand more and more energy. Modern smartphones, with their plethora of application scenarios and usage habits, are setting new challenges and constraints for malware detection software. Among these challenges, preserving the battery life as much as possible is one of the most pressing. From the end users’ perspective, a security solution, such as an antivirus (AV), that significantly impacts the battery’s life is unacceptable. Thus, the quality and degree of adoption of malware-detection products is also influenced by their energy demands.
Motivated by the above rationale, we perform the first fine-grained measurement that analyzes, at a low level, the energy efficiency of modern, commercial, popular AVs. We explore the relations between various aspects of popular AVs, when handling malicious and benign applications, and the resulting energy consumption. Even though we focus on energy consumption, we also explore other dimensions such as the discrepancies between scanning modes, the impact of file size and scan duration. We then translate our findings into a set of design guidelines for reducing the energy footprint of modern AVs for mobile devices.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Not to be confused with application whitelisting (e.g., [7]), where only known applications are allowed to be executed on the system.
References
Android developers - monkeyrunner. http://developer.android.com/tools/help/monkeyrunner_concepts.html
Android malware genome project. http://www.malgenomeproject.org/
Contagio - mobile malware. http://contagiominidump.blogspot.com
Dex2jar. https://code.google.com/p/dex2jar/
Java decompiler. http://jd.benow.ca/
Beechey, J.: Application whitelisting: Panacea or propaganda (2010). http://www.sans.org/reading-room/whitepapers/application/application-whitelisting-panacea-propaganda-33599
Bickford, J., Lagar-Cavilla, H.A., Varshavsky, A., Ganapathy, V., Iftode, L.: Security versus energy tradeoffs in host-based mobile malware detection. In: MobiSys (2011)
Carroll, A., Heiser, G.: An analysis of power consumption in a smartphone. In: USENIX ATC (2010)
Chen, X., Chen, Y., Ma, Z., Fernandes, F.C.A.: How is energy consumed in smartphone display applications? In: HotMobile (2013)
Friedman, R., Kogan, A., Krivolapov, Y.: On power and throughput tradeoffs of wifi and bluetooth in smartphones. In: INFOCOM (2011)
Harlalka, R.: How to stop your mobile app from being a serious battery drain (2013)
Hoffmann, J., Neumann, S., Holz, T.: Mobile malware detection based on energy fingerprints — a dead end? In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds.) RAID 2013. LNCS, vol. 8145, pp. 348–368. Springer, Heidelberg (2013)
Kim, H., Smith, J., Shin, K.G.: Detecting energy-greedy anomalies and mobile malware variants. In: Proceedings of the 6th International Conference on Mobile Systems, Applications, and Services, MobiSys 2008 (2008)
Maggi, F., Valdi, A., Zanero, S.: Andrototal: a flexible, scalable toolbox and service for testing mobile malware detectors. In: CCS SPSM (2013)
Martin, T., Hsiao, M., Ha, D., Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. In: Proceedings of the Second IEEE International Conference on Pervasive Computing and Communications(PerCom 2004) (2004)
Merlo, A., Migliardi, M., Fontanelli, P.: On energy-based profiling of malware in android. In: HPCS (2014)
Mohaisen, A., Alrawi, O.: AV-meter: an evaluation of antivirus scans and labels. In: Dietrich, S. (ed.) DIMVA 2014. LNCS, vol. 8550, pp. 112–131. Springer, Heidelberg (2014)
Nacci, A.A., Trovò, F., Maggi, F., Ferroni, M., Cazzola, A., Sciuto, D., Santambrogio, M.D.: Adaptive and flexible smartphone power modeling. Mob. Netw. Appl. 18(5), 600–609 (2013)
Nash, D.C., Martin, T.L., Ha, D.S., Hsiao, M.S.: Towards an intrusion detection system for battery exhaustion attacks on mobile computing devices. In: PerCom Workshops. IEEE Computer Society (2005)
Pathak, A., Hu, Y.C., Zhang, M.: Where is the energy spent inside my app? Fine grained energy accounting on smartphones with eprof. In: EuroSys (2012)
Rastogi, V., Chen, Y., Jiang, X.: Droidchameleon: evaluating android anti-malware against transformation attacks. In: ASIA CCS (2013)
Rice, A.C., Hay, S.: Decomposing power measurements for mobile devices. In: PerCom (2010)
Symantec: Android Madware and Malware Trends (2013)
Thiagarajan, N., Aggarwal, G., Nicoara, A., Boneh, D., Singh, J.P.: Who killed my battery? Analyzing mobile browser energy consumption. In: WWW (2012)
Truong, H.T.T., Lagerspetz, E., Nurmi, P., Oliner, A.J., Tarkoma, S., Asokan, N., Bhattacharya, S.: The company you keep: mobile malware infection rates and inexpensive risk indicators. In: WWW (2014)
Wang, T., Lu, K., Lu, L., Chung, S., Lee, W.: Jekyll on iOS: when benign apps become evil. In: Proceedings of the 22Nd USENIX Conference on Security, SEC 2013 (2013)
Yoon, C., Kim, D., Jung, W., Kang, C., Cha, H.: Appscope: application energy metering framework for android smartphones using kernel activity monitoring. In: USENIX ATC (2012)
Zhang, L., Tiwana, B., Qian, Z., Wang, Z., Dick, R.P., Mao, Z.M., Yang, L.: Accurate online power estimation and automatic battery behavior based power model generation for smartphones. In: CODES/ISSS (2010)
Zheng, M., Lee, P.P.C., Lui, J.C.S.: ADAM: an automatic and extensible platform to stress test android anti-virus systems. In: Flegel, U., Markatos, E., Robertson, W. (eds.) DIMVA 2012. LNCS, vol. 7591, pp. 82–101. Springer, Heidelberg (2013)
Acknowledgements
This work was supported in part by DARPA through Contract FA8750-10-2-0253, with additional support by Intel Corp. It was also supported by the FP7 project NECOMA, funded by the European Commission under Grant Agreement No. 608533, and the MIUR FACE Project No. RBFR13AJFT. Any opinions, findings, conclusions, or recommendations expressed herein are those of the authors, and do not necessarily reflect those of the US Government, DARPA, or Intel.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Polakis, I., Diamantaris, M., Petsas, T., Maggi, F., Ioannidis, S. (2015). Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software. In: Almgren, M., Gulisano, V., Maggi, F. (eds) Detection of Intrusions and Malware, and Vulnerability Assessment. DIMVA 2015. Lecture Notes in Computer Science(), vol 9148. Springer, Cham. https://doi.org/10.1007/978-3-319-20550-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-20550-2_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20549-6
Online ISBN: 978-3-319-20550-2
eBook Packages: Computer ScienceComputer Science (R0)