Skip to main content
SpringerLink
Log in
Book cover

International Conference on Advanced Engineering  Theory and Applications

AETA 2017: AETA 2017 - Recent Advances in Electrical Engineering and Related Sciences: Theory and Application pp 27–37Cite as

A New Android Botnet Classification for GPS Exploitation Based on Permission and API Calls

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 465))

Abstract

The target of botnet attacks has shifted from the personal computers to smartphones and mobile devices due to computational power and functionality of the mobile devices. Mobile botnet is a network consists of compromised mobile devices controlled by a botmaster through a command and control (C&C) network. Nowadays mobile botnets attacks are increasingly being used for advanced political or financial interest. Due to its popularity amongst the mobile operating system, Android has become the most targeted platform by the mobile botnets. The popularity of Android attracts the attackers to develop malicious applications with the botnet capability to hijack users’ devices. In this paper, a new Android botnet classification based on GPS exploitation based on permissions and API calls is proposed using feature selection. The training was carried out using malware dataset from the Drebin and tested using 800 mobile apps from the Google Play store. The experiment was conducted using static analysis and open source tools in a controlled lab environment. This new classification can be used as a reference for other researchers in the same field to secure against GPS exploitation from Android botnet attacks.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   329.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. IDC: Smartphone Vendor Market Share, 2016 Q3 (2017). http://www.idc.com/promo/smartphone-market-share/vendor. Accessed 09 May 2017

  2. Gartner: Gartner Says Worldwide Sales of Smartphones Grew 9 Percent in First Quarter of 2017. Gartner Newsroom (2017). http://www.gartner.com/newsroom/id/3725117. Accessed 08 May 2017

  3. Webroot: 2017 Webroot Threat Report (2017)

    Google Scholar 

  4. Geng, G., Xu, G., Zhang, M., Guo, Y., Yang, G., Cui, W.: The design of SMS based heterogeneous mobile botnet. J. Comput. 7(1), 235–243 (2012)

    Article  Google Scholar 

  5. Eslahi, M., Salleh, R., Anuar, N.B.: Bots and botnets: an overview of characteristics, detection and challenges. In: Proceedings - 2012 IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2012, pp. 349–354, November 2013

    Google Scholar 

  6. Geng, G., Xu, G., Zhang, M., Yang, Y., Yang, G.: An improved SMS based heterogeneous mobile botnet model. In: 2011 IEEE International Conference on Information and Automation, ICIA 2011, no. June, pp. 198–202 (2011)

    Google Scholar 

  7. Schwartz, M.J.: Zeus Botnet Eurograbber Steals $47 Million. InformationWeek (2012). http://www.darkreading.com/attacks-and-breaches/zeus-botnet-eurograbber-steals-$47-million/d/d-id/1107673?. Accessed 12 June 2016

  8. Franceschi-Bicchierai, L.: How Hackers Can Turn Your Android Into A SpyPhone (2013). http://mashable.com/2013/08/01/how-hackers-turn-your-android-into-a-spyphone/#CDG4vMWoFPqi. Accessed 30 May 2017

  9. Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Investig. 13, 22–37 (2015)

    Article  Google Scholar 

  10. Yerima, S.Y., Sezer, S., McWilliams, G., Muttik, I.: A new android malware detection approach using Bayesian classification. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications, pp. 121–128 (2013)

    Google Scholar 

  11. Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: ‘Andromaly’: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)

    Article  Google Scholar 

  12. Arp, D., Spreitzenbarth, M., Malte, H., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: Symposium on Network and Distributed System Security, pp. 23–26 (2014)

    Google Scholar 

  13. Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Nieves, J., Bringas, P.G., Álvarez, G.: Marañón: MAMA: manifest analysis for malware detection in android. Cybern. Syst. 44(6–7), 469–488 (2013)

    Article  Google Scholar 

  14. Dini, G., Martinelli, F., Saracino, A., Sgandurra, D.: MADAM: a multi-level anomaly detector for android malware. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence Lecture Notes Bioinformatics). LNCS, vol. 7531, pp. 240–253 (2012)

    Google Scholar 

  15. Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011, p. 15 (2011)

    Google Scholar 

  16. Isohara, T., Takemori, K., Kubota, A.: Kernel-based behavior analysis for android malware detection. In: Proceedings of 2011 7th International Conference on Computational Intelligence and Security, CIS 2011, pp. 1011–1015 (2011)

    Google Scholar 

  17. Rastogi, V., Chen, Y., Enck, W.: AppsPlayground: automatic security analysis of smartphone applications. In: 3rd ACM Conference on Data and Application Security and Privacy, CODASPY 2013, pp. 209–220 (2013)

    Google Scholar 

  18. Feizollah, A., Anuar, N.B., Salleh, R., Amalina, F., Ma’arof, R.R., Shamshirband, S.: A study of machine learning classifiers for anomaly-based mobile botnet detection. Malays. J. Comput. Sci. 26(4), 251–265 (2013)

    Google Scholar 

  19. Peiravian, N., Zhu, X.: Machine learning for Android malware detection using permission and API calls. In: Proceedings - International Conference on Tools with Artificial Intelligence, ICTAI (2013)

    Google Scholar 

  20. Ju, X.: Android malware detection through permission and package. In: 2014 International Conference on Wavelet Analysis and Pattern Recognition (ICWAPR), pp. 61–65 (2014)

    Google Scholar 

  21. Chan, P.P.K., Song, W.: Static detection of android malware by using permissions and API calls. In: 2014 International Conference on Machine Learning and Cybernetics, pp. 82–87 (2014)

    Google Scholar 

  22. Tansettanakorn, C., Thongprasit, S., Thamkongka, S., Visoottiviseth, V.: ABIS: a prototype of android botnet identification system. In: Proceedings of 2016 5th ICT International Student Project Conference, ICT-ISPC 2016, pp. 1–5 (2016)

    Google Scholar 

  23. Karim, A., Salleh, R., Shah, S.A.A.: DeDroid: a mobile botnet detection approach based on static analysis. In: IEEE 12th International Conference on Ubiquitous Intelligence and Computing 2015 IEEE 12th International Conference on Autonomic and Trusted Computing 2015 IEEE 15th International Conference on Scalable Computing and Communications and Its Associated Workshops, pp. 1327–1332 (2015)

    Google Scholar 

  24. Eslahi, M., Salleh, R., Anuar, N.B.: MoBots: a new generation of botnets on mobile devices and networks. In: 2012 IEEE Symposium on Computer Applications and Industrial Electronics, ISCAIE 2012, pp. 262–266 (2012)

    Google Scholar 

  25. Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., van der Venn, V., Platzer, C.: ANDRUBIS - 1,000,000 apps later: a view on current android malware behaviors. In: Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 3–17 (2014)

    Google Scholar 

  26. Hashim, H.A.-B., Saudi, M.M., Basir, N.: A systematic review analysis of root exploitation for mobile botnet detection. Lecture Notes in Electrical Engineering, vol. 315, pp. 925–938 (2015)

    Google Scholar 

  27. Wu, S., Wang, P., Li, X., Zhang, Y.: Effective detection of android malware based on the usage of data flow APIs and machine learning. Inf. Softw. Technol. 75, 17–25 (2016)

    Article  Google Scholar 

  28. Google: Manifest.permission | Android Developers. https://developer.android.com/reference/android/Manifest.permission.html. Accessed 23 May 2017

  29. A tool for reverse engineering Android apk files. https://ibotpeaches.github.io/Apktool/. 24 May 2017

  30. Pieterse, H., Olivier, M.S.: Android botnets on the rise: trends and characteristics. In: Proceedings of Conference on 2012 Information Security for South Africa, ISSA 2012 (2012)

    Google Scholar 

  31. Saudi, M.M., Rahman, M.Z.A., Mahmud, A.A., Basir, N., Yusoff, Y.S.: A new system call classification for android mobile malware surveillance exploitation via SMS message. Lecture Notes in Electrical Engineering, vol. 362, pp. 103–112 (2016)

    Google Scholar 

Download references

Acknowledgment

The authors would like to express their gratitude to Ministry of Higher Education (MOHE), Malaysia and Universiti Sains Islam Malaysia (USIM) for the support and facilities provided. This research paper is funded by MOHE, Malaysia under grant: [USIM/FRGS/FST/32/50114].

Author information

Authors and Affiliations

  1. Faculty of Science and Technology (FST), Universiti Sains Islam Malaysia (USIM), Nilai, Negeri Sembilan, Malaysia

    Muhammad Yusof, Madihah Mohd Saudi & Farida Ridzuan

Authors
  1. Muhammad Yusof
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Madihah Mohd Saudi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Farida Ridzuan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Madihah Mohd Saudi .

Editor information

Editors and Affiliations

  1. Faculty of Electrical - Electronics Engineering, Ton Duc Thang University, Ho Chi Minh City, Vietnam

    Vo Hoang Duy

  2. International Cooperation, Research and Training Institute, Ton Duc Thang University, Ho Chi Minh City, Vietnam

    Tran Trong Dao

  3. Department of Computer Science, Faculty of Electrical Engineering and Computer Science, VŠB-TUO, Ostrava, Czech Republic

    Ivan Zelinka

  4. Department of Mechanical Design Engineering, Pukyong National University, Busan, Korea (Republic of)

    Sang Bong Kim

  5. Faculty of Electrical - Electronics Engineering, Ton Duc Thang University, Ho Chi Minh City, Vietnam

    Tran Thanh Phuong

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yusof, M., Saudi, M.M., Ridzuan, F. (2018). A New Android Botnet Classification for GPS Exploitation Based on Permission and API Calls. In: Duy, V., Dao, T., Zelinka, I., Kim, S., Phuong, T. (eds) AETA 2017 - Recent Advances in Electrical Engineering and Related Sciences: Theory and Application. AETA 2017. Lecture Notes in Electrical Engineering, vol 465. Springer, Cham. https://doi.org/10.1007/978-3-319-69814-4_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-69814-4_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69813-7

  • Online ISBN: 978-3-319-69814-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation