Skip to main content
SpringerLink
Log in

Visual Discovery of Malware Patterns in Android Apps

  • Chapter
  • First Online:
Integrating Artificial Intelligence and Visualization for Visual Knowledge Discovery

Part of the book series: Studies in Computational Intelligence ((SCI,volume 1014))

  • 534 Accesses

Abstract

The diffusion of smartphones and the availability of powerful and cheap connections allow people to access heterogeneous information and data anytime and anywhere. In this scenario billions of mobile users as well as billions of under-protected IoT devices have high risk of being the target of malware, cybercrime and attacks. This work introduces visualization techniques applied to software apps installed on Android devices using features generated by mobile security detection tools through static security analysis. The aim of this work is to help common people and skilled analysts to quickly identify anomalous and malicious software on mobile devices. The visual findings are reached through text, tree and other techniques. An app inspection tool is also provided and its usability has been evaluated with an experimental study with ten participants.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 179.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Market Share: PCs, Ultramobiles and Mobile Phones, https://www.gartner.com/en/newsroom/press-releases/2021-02-22-4q20-smartphone-market-share-release, last visit: 2020-03-21.

  2. 2.

    https://www.idc.com/promo/smartphone-market-share/os, last visit: 2020-03-21.

  3. 3.

    Wirex, New Jersey Cybersecurity, https://bit.ly/2YUdzE4, last visit: 2019-03-21.

  4. 4.

    Apple Threat Landscape, Symantec, https://symc.ly/2wtwSb2, last visit: 2019-03-21.

  5. 5.

    youmi-ioslib, https://github.com/youmi/ios-sdk, last visit: 2019-03-21.

  6. 6.

    Android.Youmi, Symantec, https://www.symantec.com, last visit: 2019-03-21.

  7. 7.

    Android.FakeLogin, Symantec (2015), https://www.symantec.com/security-center/writeup/2015-102108-5457-99, last visit: 2019-03-21.

  8. 8.

    Android.Locker, ESET (2014), https://www.virusradar.com, last visit: 2019-03-21.

References

  1. Bitonto, P.D., Roselli, T., Rossano, V., Frezza, E., Piccinno, E.: An educational game to learn type 1 diabetes management. In: Proceedings of the 18th International Conference on Distributed Multimedia Systems, DMS 2012, August 9-11, 2012, Eden Roc Renaissance, Miami Beach, FL, USA, pp. 139–143. Knowledge Systems Institute (2012)

    Google Scholar 

  2. Balducci, F., Buono, P.: Building a qualified annotation dataset for skin lesion analysis trough gamification. In: Catarci, T., Norman, K.L., Mecella, M., (eds.), Proceedings of the 2018 International Conference on Advanced Visual Interfaces, AVI 2018, Castiglione della Pescaia, Italy, May 29 - June 01, 2018, pp. 36:1–36:5. ACM (2018). https://doi.org/10.1145/3206505.3206555

  3. Benzi, F., Cabitza, F., Fogli, D., Lanzilotti, R., Piccinno, A.: Gamification techniques for rule management in ambient intelligence. In: de Ruyter, B.E.R., Kameas, A., Chatzimisios, P., Mavrommati, I. (eds.), Ambient Intelligence - 12th European Conference, AmI 2015, Athens, Greece, November 11-13, 2015, Proceedings, Series. Lecture Notes in Computer Science, vol. 9425, pp. 353–356. Springer (2015). https://doi.org/10.1007/978-3-319-26005-1_25

  4. Karim, A., Salleh, R., Shah, S.A.A.: Dedroid: a mobile botnet detection approach based on static analysis. In: 2015 IEEE 12th International Conference on Ubiquitous Intelligence and Computing and 2015 IEEE 12th International Conference on Autonomic and Trusted Computing and 2015 IEEE 15th Intl Conf on Scalable Computing and Communications and Its Associated Workshops (UIC-ATC-ScalCom), pp. 1327–1332 (2015)

    Google Scholar 

  5. Chakraborty, T., Pierazzi, F., Subrahmanian, V.S.: Ec2: Ensemble clustering and classification for predicting android malware families. IEEE Trans. Depend. Sec. Comput. 17(2), 262–277 (2020)

    Article  Google Scholar 

  6. Sharif, A., Nauman, M.: Function identification in android binaries with deep learning. In: Seventh International Symposium on Computing and Networking (CANDAR), pp. 92–101. IEEE (2019)

    Google Scholar 

  7. Chen, Y.-M., Yang, C.-H., Chen, G.-C.: Using generative adversarial networks for data augmentation in android malware detection. In: 2021 IEEE Conference on Dependable and Secure Computing (DSC), pp. 1–8. IEEE (2021)

    Google Scholar 

  8. Barletta, V.S., Caivano, D., Nannavecchia, A., Scalera, M.: Intrusion detection for in-vehicle communication networks: an unsupervised kohonen som approach. Fut. Internet 12(7), 119 (2020)

    Article  Google Scholar 

  9. Barletta, V.S., Caivano, D., Nannavecchia, A., Scalera, M.: A kohonen som architecture for intrusion detection on in-vehicle communication networks. Appl. Sci. 10(15), 5062 (2020)

    Article  Google Scholar 

  10. Caivano, D., Fogli, D., Lanzilotti, R., Piccinno, A., Cassano, F.: Supporting end users to control their smart home: design implications from a literature review and an empirical investigation. J. Syst. Softw. 144, 295–313 (2018). https://doi.org/10.1016/j.jss.2018.06.035

  11. Bevanda, V., Azemovic, J., Music, D.: Privacy preserving in elearning environment (case of modeling hippocratic database structure). In: Fourth Balkan Conference in Informatics, vol. 2009, 47–52 (2009)

    Google Scholar 

  12. Buono, P., Carella, P.: Towards secure mobile learning. visual discovery of malware patterns in android apps. In: 23rd International Conference Information Visualisation (IV), vol. 2019, pp. 364–369. IEEE (2019)

    Google Scholar 

  13. Kandel, S., Heer, J., Plaisant, C., Kennedy, J., van Ham, F., Riche, N.H., Weaver, C., Lee, B., Brodbeck, D., Buono, P.: Research directions in data wrangling: visuatizations and transformations for usable and credible data. Inf. Vis. 10(4), 271–288 (2011)

    Article  Google Scholar 

  14. Benito, J.C., García-Peñalvo, F.J., Therón, R., Maderuelo, C., Pérez-Blanco, J.S., Zazo, H., Martín-Suárez, A.: Using software architectures to retrieve interaction information in elearning environments. In: 2014 International Symposium on Computers in Education (SIIE), pp. 117–120 (2014)

    Google Scholar 

  15. Eick, S.G., Nelson, M.C., Schmidt, J.D.: Graphical analysis of computer log files. Commun. ACM 37(12), 50–56 (1994)

    Article  Google Scholar 

  16. Zhang, Y., Xiao, Y., Chen, M., Zhang, J., Deng, H.: A survey of security visualization for computer network logs. Secur. Commun. Netw. 5(4), 404–421 (2011)

    Article  Google Scholar 

  17. Erbacher, R.F., Walker, K.L., Frincke, D.A.: Intrusion and misuse detection in large-scale systems. IEEE Comput. Graphics Appl. 22(1), 38–47 (2002)

    Article  Google Scholar 

  18. Xydas, I., Miaoulis, G., Bonnefoi, P.-F., Plemenos, D., Ghazanfarpour, D.: 3d graph visualization prototype system for intrusion detection: a surveillance aid to security analysts. In: Handbook of Graph Drawing and Visualization (2006)

    Google Scholar 

  19. Argyriou, E.N., Sotiraki, A.A., Symvonis, A.: Occupational fraud detection through visualization. In: IEEE International Conference on Intelligence and Security Informatics, vol. 2013, pp. 4–6 (2013)

    Google Scholar 

  20. Lee, J., Jeon, J., Lee, C., Lee, J., Cho, J., Lee, K.: A study on efficient log visualization using d3 component against apt: How to visualize security logs efficiently? In: 2016 International Conference on Platform Technology and Service (PlatCon), pp. 1–6 (2016)

    Google Scholar 

  21. Shen, Z., Ma, K.: Mobivis: a visualization system for exploring mobile data. In: IEEE Pacific Visualization Symposium, vol. 2008, pp. 175–182 (2008)

    Google Scholar 

  22. Lahmadi, A., Beck, F., Finickel, E., Festor, O.: A platform for the analysis and visualization of network flow data of android environments. In: IFIP/IEEE International Symposium on Integrated Network Management (IM), vol. 2015, pp. 1129–1130 (2015)

    Google Scholar 

  23. Somarriba, O., Zurutuza, U., Uribeetxeberria, R., Delosières, L., Nadjm-Tehrani, S.: Detection and visualization of android malware behavior. In: JECE, vol. 2016 (2016)

    Google Scholar 

  24. Arp, D., Spreitzenbarth, M., Hübner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: Symposium on Network and Distributed System Security (NDSS), vol. 02 (2014)

    Google Scholar 

  25. Canbek, G., Sagiroglu, S., Taskaya Temizel, T.: New techniques in profiling big datasets for machine learning with a concise review of android mobile malware datasets. In: International Congress on Big Data. Deep Learning and Fighting Cyber Terrorism (IBIGDELFT), vol. 2018, pp. 117–121 (2018)

    Google Scholar 

  26. Jiang, J., Li, S., Yu, M., Li, G., Liu, C., Chen, K., Liu, H., Huang, W.: Android malware family classification based on sensitive opcode sequence. In: IEEE Symposium on Computers and Communications (ISCC), vol. 2019, pp. 1–7 (2019)

    Google Scholar 

  27. Zhang, Y., Feng, C., Huang, L., Ye, C., Weng, L.: Detection of android malicious family based on manifest information. In: 2020 15th International Conference on Computer Science Education (ICCSE), pp. 202–205 (2020)

    Google Scholar 

  28. Jiang, X.: Security alert: new droidkungfu variant again! found in alternative android markets (2011). http://www.csc.ncsu.edu/faculty/jiang/DroidKungFu3/

  29. Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. IEEE Symp. Secur. Privacy 2012, 95–109 (2012)

    Google Scholar 

  30. Felt, A.P., Chin, E., Hanna, S., Song, D., Wagner, D.: Android permissions demystified. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, Ser. CCS ’11, pp. 627–638. ACM, New York (2011)

    Google Scholar 

  31. Collins, C., Carpendale, S., Penn, G.: Docuburst: visualizing document content using language structure. In: Proceedings of the 11th Eurographics / IEEE - VGTC Conference on Visualization, Series EuroVis’09, pp. 1039–1046. Chichester, UK: The Eurographs Association & Wiley, Ltd (2009)

    Google Scholar 

  32. Wattenberg, M., Viégas, F.B.: The word tree, an interactive visual concordance. IEEE Trans. Visual Comput. Graph. 14(6), 1221–1228 (2008)

    Article  Google Scholar 

  33. IBM.: (2016) Word-cloud generator. https://www-01.ibm.com/marketing/iwm/iwm/web/preLogin.do?source=AW-0VW

  34. Nodus.: Textexture - visualize text network (2012). https://noduslabs.com/radar/textexture-visualize-text-network/

  35. Buono, P., Costabile, M., Lanzilotti, R.: A circular visualization of people’s activities in distributed teams. J. Vis. Lang. Comput. 25(6), 903–911 (2014)

    Article  Google Scholar 

  36. Shneiderman, B.: A grander goal: a thousand-fold increase in human capabilities. Educom Rev. 32, 4–10 (1997)

    Google Scholar 

  37. Bastian, M., Heymann, S., Jacomy, M.: Gephi: an open source software for exploring and manipulating networks (2009)

    Google Scholar 

  38. Yu, R.: Ginmaster: a case study in android malware. In: Proceedings of Virus Bulletin Conference, pp. 92–104 (2013)

    Google Scholar 

  39. Ardito, C. Buono, P., Costabile, M., Lanzilotti, R.: Systematic inspection of information visualization systems. In: Proceedings of BELIV’06: BEyond Time and Errors - Novel EvaLuation Methods for Information Visualization. A Workshop of the AVI 2006 International Working Conference (2006)

    Google Scholar 

  40. Costabile, M., Buono, P.: Principles for Human-Centred Design of IR Interfaces. Lecture Notes in Computer Science (including LNAI and LNBI), LNCS, vol. 7757, pp. 28–47 (2013)

    Google Scholar 

  41. Desolda, G., Ardito, C., Jetter, H.-C., Lanzilotti, R.: Exploring spatially-aware cross-device interaction techniques for mobile collaborative sensemaking. Int. J. Hum Comput Stud. 122, 1–20 (2019)

    Article  Google Scholar 

Download references

Acknowledgements

The authors thank Pietro Carella for the early contribution of this work and Vincenzo Nigro for his help in the implementation of the app inspection tool and the successive evaluation.

Author information

Authors and Affiliations

  1. Computer Science Department, University of Bari A. Moro, Via Orabona 4, Bari, Italy

    Paolo Buono & Fabrizio Balducci

Authors
  1. Paolo Buono
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fabrizio Balducci
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Paolo Buono .

Editor information

Editors and Affiliations

  1. Department of Computer Science, Central Washington University, Ellensburg, WA, USA

    Boris Kovalerchuk

  2. Department of Media, Darmstadt University of Applied Sciences, Darmstadt, Hessen, Germany

    Kawa Nazemi

  3. Department of Computer Science, Central Washington University, Ellensburg, WA, USA

    Răzvan Andonie

  4. Department of Electronics, Telecommunications and Computers Engineering, Lisbon School of Engineering, Lisbon, Portugal

    Nuno Datia

  5. Department of Informatics, London South Bank University, London, UK

    Ebad Banissi

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Buono, P., Balducci, F. (2022). Visual Discovery of Malware Patterns in Android Apps. In: Kovalerchuk, B., Nazemi, K., Andonie, R., Datia, N., Banissi, E. (eds) Integrating Artificial Intelligence and Visualization for Visual Knowledge Discovery. Studies in Computational Intelligence, vol 1014. Springer, Cham. https://doi.org/10.1007/978-3-030-93119-3_17

Download citation

Publish with us

Policies and ethics

Search

Navigation