A Large-Scale Investigation to Identify the Pattern of Permissions in Obfuscated Android Malwares

  • Conference paper
Cyber Security and Computer Science (ICONCS 2020)

Abstract

This paper presents a simulation-based investigation of permissions in obfuscated Android malware. Android malware detection has become a challenging and emerging research area in information security because of the rapid growth in the number of Android smartphone users. Permissions to access the functionality of Android devices play an important role in detecting Android malware. Researchers can now easily detect Android malware whose patterns have already been identified. Recently, however, attackers have started to use obfuscation techniques to make malware unintelligible. For that reason, it is necessary to identify the patterns attackers use to obfuscate malware. In this paper, a large-scale investigation is performed by developing Python scripts to extract the pattern of permissions from an obfuscated malware dataset named the Android PRAGuard Dataset. Finally, the patterns are obtained in matrix form and stored in a Comma Separated Values (CSV) file, which provides a fundamental basis for detecting obfuscated malware.
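The kind of permission matrix the abstract describes can be sketched as follows. This is an added example, not the paper's own scripts: it assumes each APK's manifest has already been decoded from Android binary XML to text, and the sample manifests, file names and function names are constructed for illustration.

```python
import csv
import io
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
NS_DECL = 'xmlns:android="http://schemas.android.com/apk/res/android"'

# Constructed sample manifests (already decoded to text XML); not from the dataset.
SAMPLE_MANIFESTS = {
    "sample_a.apk": f"""<manifest {NS_DECL} package="com.example.a">
        <uses-permission android:name="android.permission.INTERNET"/>
        <uses-permission android:name="android.permission.SEND_SMS"/>
        <uses-permission android:name="android.permission.INTERNET"/>
    </manifest>""",
    "sample_b.apk": f"""<manifest {NS_DECL} package="com.example.b">
        <uses-permission android:name="android.permission.INTERNET"/>
        <uses-permission-sdk-23 android:name="android.permission.READ_CONTACTS"/>
    </manifest>""",
    "sample_c.apk": f"""<manifest {NS_DECL} package="com.example.c"/>""",
}

def extract_permissions(manifest_xml):
    """Return the set of permission names requested in one decoded manifest."""
    root = ET.fromstring(manifest_xml)
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:  # skip malformed entries without android:name
                perms.add(name.strip())
    return perms

def build_matrix(manifests):
    """Build a binary app x permission matrix: 1 if the app requests it, else 0."""
    per_app = {app: extract_permissions(xml) for app, xml in manifests.items()}
    columns = sorted(set().union(*per_app.values()))
    rows = [[app] + [int(p in perms) for p in columns]
            for app, perms in sorted(per_app.items())]
    return ["apk"] + columns, rows

def to_csv(header, rows):
    """Serialize the matrix as CSV text, one row per APK."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(header)
    writer.writerows(rows)
    return buf.getvalue()

if __name__ == "__main__":
    print(to_csv(*build_matrix(SAMPLE_MANIFESTS)))
```

Each row is then a fixed-length feature vector, so apps that declare no permissions or repeat a declaration still fit the same column layout.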




Corresponding author

Correspondence to Sheikh Shah Mohammad Motiur Rahman.


Copyright information

© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Russel, M.O.F.K., Rahman, S.S.M.M., Islam, T. (2020). A Large-Scale Investigation to Identify the Pattern of Permissions in Obfuscated Android Malwares. In: Bhuiyan, T., Rahman, M.M., Ali, M.A. (eds) Cyber Security and Computer Science. ICONCS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 325. Springer, Cham. https://doi.org/10.1007/978-3-030-52856-0_7

  • DOI: https://doi.org/10.1007/978-3-030-52856-0_7

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-52855-3

  • Online ISBN: 978-3-030-52856-0

  • eBook Packages: Computer Science, Computer Science (R0)
