Linear SVM-Based Android Malware Detection
Abstract
Important personal user information has become scattered across devices now that mobile devices support various services and content. Accordingly, attackers are expanding the scope of their attacks from the existing PC and Internet environment to mobile devices. In this paper, we monitor the resource information of mobile devices to detect Android malware. Using the monitored information, we propose a method that detects malware automatically by applying a linear SVM (support vector machine), which shows high classification performance among machine learning classifiers. The validity of the proposed methodology is verified through experimental results.
Keywords
Android, Malware, Machine learning, SVM (support vector machine)
Acknowledgments
This work was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the MSIP (Ministry of Science, ICT and Future Planning) (2013R1A1A3011698).