Abstract
The target of botnet attacks has shifted from the personal computers to smartphones and mobile devices due to computational power and functionality of the mobile devices. Mobile botnet is a network consists of compromised mobile devices controlled by a botmaster through a command and control (C&C) network. Nowadays mobile botnets attacks are increasingly being used for advanced political or financial interest. Due to its popularity amongst the mobile operating system, Android has become the most targeted platform by the mobile botnets. The popularity of Android attracts the attackers to develop malicious applications with the botnet capability to hijack users’ devices. In this paper, a new Android botnet classification based on GPS exploitation based on permissions and API calls is proposed using feature selection. The training was carried out using malware dataset from the Drebin and tested using 800 mobile apps from the Google Play store. The experiment was conducted using static analysis and open source tools in a controlled lab environment. This new classification can be used as a reference for other researchers in the same field to secure against GPS exploitation from Android botnet attacks.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
IDC: Smartphone Vendor Market Share, 2016 Q3 (2017). http://www.idc.com/promo/smartphone-market-share/vendor. Accessed 09 May 2017
Gartner: Gartner Says Worldwide Sales of Smartphones Grew 9 Percent in First Quarter of 2017. Gartner Newsroom (2017). http://www.gartner.com/newsroom/id/3725117. Accessed 08 May 2017
Webroot: 2017 Webroot Threat Report (2017)
Geng, G., Xu, G., Zhang, M., Guo, Y., Yang, G., Cui, W.: The design of SMS based heterogeneous mobile botnet. J. Comput. 7(1), 235–243 (2012)
Eslahi, M., Salleh, R., Anuar, N.B.: Bots and botnets: an overview of characteristics, detection and challenges. In: Proceedings - 2012 IEEE International Conference on Control System, Computing and Engineering, ICCSCE 2012, pp. 349–354, November 2013
Geng, G., Xu, G., Zhang, M., Yang, Y., Yang, G.: An improved SMS based heterogeneous mobile botnet model. In: 2011 IEEE International Conference on Information and Automation, ICIA 2011, no. June, pp. 198–202 (2011)
Schwartz, M.J.: Zeus Botnet Eurograbber Steals $47 Million. InformationWeek (2012). http://www.darkreading.com/attacks-and-breaches/zeus-botnet-eurograbber-steals-$47-million/d/d-id/1107673?. Accessed 12 June 2016
Franceschi-Bicchierai, L.: How Hackers Can Turn Your Android Into A SpyPhone (2013). http://mashable.com/2013/08/01/how-hackers-turn-your-android-into-a-spyphone/#CDG4vMWoFPqi. Accessed 30 May 2017
Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Investig. 13, 22–37 (2015)
Yerima, S.Y., Sezer, S., McWilliams, G., Muttik, I.: A new android malware detection approach using Bayesian classification. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications, pp. 121–128 (2013)
Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: ‘Andromaly’: a behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)
Arp, D., Spreitzenbarth, M., Malte, H., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: Symposium on Network and Distributed System Security, pp. 23–26 (2014)
Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Nieves, J., Bringas, P.G., Álvarez, G.: Marañón: MAMA: manifest analysis for malware detection in android. Cybern. Syst. 44(6–7), 469–488 (2013)
Dini, G., Martinelli, F., Saracino, A., Sgandurra, D.: MADAM: a multi-level anomaly detector for android malware. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence Lecture Notes Bioinformatics). LNCS, vol. 7531, pp. 240–253 (2012)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, SPSM 2011, p. 15 (2011)
Isohara, T., Takemori, K., Kubota, A.: Kernel-based behavior analysis for android malware detection. In: Proceedings of 2011 7th International Conference on Computational Intelligence and Security, CIS 2011, pp. 1011–1015 (2011)
Rastogi, V., Chen, Y., Enck, W.: AppsPlayground: automatic security analysis of smartphone applications. In: 3rd ACM Conference on Data and Application Security and Privacy, CODASPY 2013, pp. 209–220 (2013)
Feizollah, A., Anuar, N.B., Salleh, R., Amalina, F., Ma’arof, R.R., Shamshirband, S.: A study of machine learning classifiers for anomaly-based mobile botnet detection. Malays. J. Comput. Sci. 26(4), 251–265 (2013)
Peiravian, N., Zhu, X.: Machine learning for Android malware detection using permission and API calls. In: Proceedings - International Conference on Tools with Artificial Intelligence, ICTAI (2013)
Ju, X.: Android malware detection through permission and package. In: 2014 International Conference on Wavelet Analysis and Pattern Recognition (ICWAPR), pp. 61–65 (2014)
Chan, P.P.K., Song, W.: Static detection of android malware by using permissions and API calls. In: 2014 International Conference on Machine Learning and Cybernetics, pp. 82–87 (2014)
Tansettanakorn, C., Thongprasit, S., Thamkongka, S., Visoottiviseth, V.: ABIS: a prototype of android botnet identification system. In: Proceedings of 2016 5th ICT International Student Project Conference, ICT-ISPC 2016, pp. 1–5 (2016)
Karim, A., Salleh, R., Shah, S.A.A.: DeDroid: a mobile botnet detection approach based on static analysis. In: IEEE 12th International Conference on Ubiquitous Intelligence and Computing 2015 IEEE 12th International Conference on Autonomic and Trusted Computing 2015 IEEE 15th International Conference on Scalable Computing and Communications and Its Associated Workshops, pp. 1327–1332 (2015)
Eslahi, M., Salleh, R., Anuar, N.B.: MoBots: a new generation of botnets on mobile devices and networks. In: 2012 IEEE Symposium on Computer Applications and Industrial Electronics, ISCAIE 2012, pp. 262–266 (2012)
Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., van der Venn, V., Platzer, C.: ANDRUBIS - 1,000,000 apps later: a view on current android malware behaviors. In: Third International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, pp. 3–17 (2014)
Hashim, H.A.-B., Saudi, M.M., Basir, N.: A systematic review analysis of root exploitation for mobile botnet detection. Lecture Notes in Electrical Engineering, vol. 315, pp. 925–938 (2015)
Wu, S., Wang, P., Li, X., Zhang, Y.: Effective detection of android malware based on the usage of data flow APIs and machine learning. Inf. Softw. Technol. 75, 17–25 (2016)
Google: Manifest.permission | Android Developers. https://developer.android.com/reference/android/Manifest.permission.html. Accessed 23 May 2017
A tool for reverse engineering Android apk files. https://ibotpeaches.github.io/Apktool/. 24 May 2017
Pieterse, H., Olivier, M.S.: Android botnets on the rise: trends and characteristics. In: Proceedings of Conference on 2012 Information Security for South Africa, ISSA 2012 (2012)
Saudi, M.M., Rahman, M.Z.A., Mahmud, A.A., Basir, N., Yusoff, Y.S.: A new system call classification for android mobile malware surveillance exploitation via SMS message. Lecture Notes in Electrical Engineering, vol. 362, pp. 103–112 (2016)
Acknowledgment
The authors would like to express their gratitude to Ministry of Higher Education (MOHE), Malaysia and Universiti Sains Islam Malaysia (USIM) for the support and facilities provided. This research paper is funded by MOHE, Malaysia under grant: [USIM/FRGS/FST/32/50114].
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Yusof, M., Saudi, M.M., Ridzuan, F. (2018). A New Android Botnet Classification for GPS Exploitation Based on Permission and API Calls. In: Duy, V., Dao, T., Zelinka, I., Kim, S., Phuong, T. (eds) AETA 2017 - Recent Advances in Electrical Engineering and Related Sciences: Theory and Application. AETA 2017. Lecture Notes in Electrical Engineering, vol 465. Springer, Cham. https://doi.org/10.1007/978-3-319-69814-4_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-69814-4_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69813-7
Online ISBN: 978-3-319-69814-4
eBook Packages: EngineeringEngineering (R0)