Abstract
This paper represents a simulation-based investigation of permissions in obfuscated android malware. Android malware detection has become a challenging and emerging area to research in information security because of the rapid growth of android based smartphone users. To detect malwares in android, permissions to access the functionality of android devices play an important role. Researchers now can easily detect the android malwares whose patterns have already been identified. However, recently attackers started to use obfuscation techniques to make the malwares unintelligible. For that reason, it’s necessary to identify the pattern used by attackers to obfuscate the malwares. In this paper, a large-scale investigation has been performed by developing python scripts to extract the pattern of permissions from an obfuscated malwares dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form has been found and stored in a Comma Separated Values (CSV) file which will lead to the fundamental basis of detecting the obfuscated malwares.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Sen, S., Aysan, A.I., Clark, J.A.: SAFEDroid: using structural features for detecting android malwares. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICSSITE, vol. 239, pp. 255–270. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78816-6_18
Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.E.R.T.: DREBIN: effective and explainable detection of android malware in your pocket. In: Ndss, vol. 14, pp. 23–26 (2014)
Saracino, A., Sgandurra, D., Dini, G., Martinelli, F.: Madam: Effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Secure Comput. 15, 83–97 (2016)
Number of smartphones sold to end users worldwide from 2007 to 2020 (in million units). https://www.statista.com/statistics/263437/global-smartphone-sales-to-end-users-since-2007/
Reina, A., Fattori, A., Cavallaro, L.: A system call-centric analysis and stimulation technique to automatically reconstruct android malware behaviors. In: EuroSec, April 2013
Backes, M., Gerling, S., Hammer, C., Maffei, M., von Styp-Rekowsky, P.: AppGuard – fine-grained policy enforcement for untrusted android applications. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W.M. (eds.) DPM/SETOP -2013. LNCS, vol. 8247, pp. 213–231. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54568-9_14
Gibler, C., Crussell, J., Erickson, J., Chen, H.: AndroidLeaks: automatically detecting potential privacy leaks in android applications on a large scale. In: Katzenbeisser, S., et al. (eds.) Trust 2012. LNCS, vol. 7344, pp. 291–307. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30921-2_17
Viswanath, H., Mehtre, B.M.: U.S. Patent No. 9,959,406. Washington, DC: U.S. Patent and Trademark Office (2018)
Aafer, Y., Du, W., Yin, H.: DroidAPIMiner: mining API-level features for robust malware detection in android. In: Zia, T., Zomaya, A., Varadharajan, V., Mao, M. (eds.) SecureComm 2013. LNICST, vol. 127, pp. 86–103. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-04283-1_6
Demontis, A., Melis, M., Biggio, B., Maiorca, D., Arp, D., Rieck, K., Roli, F.: Yes, machine learning can be more secure! a case study on android malware detection. IEEE Trans. Dependable Secure Comput. 16(4), 711–724 (2017)
Papadopoulos, H., Georgiou, N., Eliades, C., Konstantinidis, A.: Android malware detection with unbiased confidence guarantees. Neurocomputing 280, 3–12 (2017)
Shabtai, A., Moskovitch, R., Elovici, Y., Glezer, C.: Detection of malicious code by applying machine learning classifiers on static features: a state-of-the-art survey. Inf. Secur. Tech. Rep. 14(1), 16–29 (2009)
Egele, M., Scholte, T., Kirda, E., Kruegel, C.: A survey on automated dynamic malware-analysis techniques and tools. ACM Comput. Surv. (CSUR) 44(2), 6 (2012)
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM (2011)
Fereidooni, H., Moonsamy, V., Conti, M., Batina, L.: Efficient classification of android malware in the wild using robust static features. In: Meng, W., Luo, X., Furnell, S., Zhou, J. (eds.) Protecting Mobile Networks and Devices: Challenges and Solutions, vol. 1, pp. 181–209. CRC Press, Boca Raton (2016)
Permissions overview. https://developer.android.com/guide/topics/permissions/overview
Huang, C.Y., Tsai, Y.T., Hsu, C.H.: Performance evaluation on permission-based detection for android malware. In: Pan, J.S., Yang, C.N., Lin, C.C. (eds.) Advances in Intelligent Systems and Applications - Volume 2. Smart Innovation, Systems and Technologies, vol. 21. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-35473-1_12
Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, pp. 627–638. ACM (2011)
Arslan, R.S., Doğru, İ.A., Barişçi, N.: Permission-based malware detection system for android using machine learning techniques. Int. J. Softw. Eng. Knowl. Eng. 29(01), 43–61 (2019)
Yildiz, O., Doğru, I.A.: Permission-based android malware detection system using feature selection with genetic algorithm. Int. J. Softw. Eng. Knowl. Eng. 29(02), 245–262 (2019)
Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine-learning-based android malware detection. IEEE Trans. Ind. Inf. 14(7), 3216–3225 (2018)
Arora, A., Peddoju, S.K., Conti, M.: PermPair: android malware detection using permission pairs. IEEE Trans. Inf. Forensics Secur. 15, 1968–1982 (2019)
Arora, A., Peddoju, S. K.: NTPDroid: a hybrid android malware detector using network traffic and system permissions. In: 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), pp. 808–813. IEEE (2018)
Şahın, D.Ö., Kural, O.E., Akleylek, S., Kiliç, E.: New results on permission based static analysis for android malware. In: 2018 6th International Symposium on Digital Forensic and Security, ISDFS, pp. 1–4. IEEE (2018)
Wang, C., Xu, Q., Lin, X., Liu, S.: Research on data mining of permissions mode for android malware detection. Cluster Comput. 22(6), 13337–13350 (2018). https://doi.org/10.1007/s10586-018-1904-x
Motiur Rahman, S.S.M., Saha, S.K.: StackDroid: evaluation of a multi-level approach for detecting the malware on android using stacked generalization. In: Santosh, K.C., Hegadi, R.S. (eds.) RTIP2R 2018. CCIS, vol. 1035, pp. 611–623. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-9181-1_53
Rana, M.S., Rahman, S.S.M.M., Sung, A.H.: Evaluation of tree based machine learning classifiers for android malware detection. In: Nguyen, N.T., Pimenidis, E., Khan, Z., Trawiński, B. (eds.) ICCCI 2018. LNCS (LNAI), vol. 11056, pp. 377–385. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98446-9_35
Maiorca, D., Ariu, D., Corona, I., Aresu, M., Giacinto, G.: Stealth attacks: an extended insight into the obfuscation effects on android malware. Comput. Secur. 51, 16–31 (2015)
Android PRAGuard Dataset. http://pralab.diee.unica.it/en/AndroidPRAGuardDataset
MalGenome. http://www.malgenomeproject.org/
Contagio. http://contagiominidump.blogspot.com/
Androguard. https://github.com/androguard/androguard
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Russel, M.O.F.K., Rahman, S.S.M.M., Islam, T. (2020). A Large-Scale Investigation to Identify the Pattern of Permissions in Obfuscated Android Malwares. In: Bhuiyan, T., Rahman, M.M., Ali, M.A. (eds) Cyber Security and Computer Science. ICONCS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 325. Springer, Cham. https://doi.org/10.1007/978-3-030-52856-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-52856-0_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52855-3
Online ISBN: 978-3-030-52856-0
eBook Packages: Computer ScienceComputer Science (R0)