Reconstruction of Android Applications’ Network Behavior Based on Application Layer Traffic

2015 ◽  
pp. 487-496
Author(s):  
Qun Li ◽  
Lei Zhang ◽  
Shifeng Hou ◽  
Zhenxiang Chen ◽  
Hongbo Han
Keyword(s):  
Network Behavior ◽  
Application Layer ◽  
Android Applications ◽  
Behavior Based

scholarly journals Anomaly Detection for Application Layer User Browsing Behavior Based on Attributes and Features

2018 ◽  
Vol 1069 ◽  
pp. 012072 ◽  
Author(s):  
Xiong Luo ◽  
Xiaoqiang Di ◽  
Xu Liu ◽  
Hui Qi ◽  
Jinqing Li ◽  
...  
Keyword(s):  
Anomaly Detection ◽  
Application Layer ◽  
Behavior Based ◽  
Browsing Behavior

Research on Software Trusted Dynamic Measurement

2012 ◽  
Vol 268-270 ◽  
pp. 1869-1872
Author(s):  
Rui Hao ◽  
Xin Guang Peng ◽  
Lei Xiu
Keyword(s):  
Trusted Computing ◽  
Dynamic Measurement ◽  
System Call ◽  
Application Layer ◽  
Software Application ◽  
Trust Chain ◽  
Behavior Based ◽  
System Resources

For the problem of trust chain of Trusted Computing Group (TCG), which only measures static integrity to the system resources, we extend the TCG chain to the software application layer and propose to extract return addresses of functions in call stacks dynamically for obtaining system call short sequences as software behavior and By monitoring softare behavior based on SVM,we realize software trusted dynamic measurement.

A Network Behavior-Based Botnet Detection Mechanism Using PSO and K-means

2015 ◽  
Vol 6 (1) ◽  
pp. 1-30 ◽  
Author(s):  
Shing-Han Li ◽  
Yu-Cheng Kao ◽  
Zong-Cyuan Zhang ◽  
Ying-Ping Chuang ◽  
David C. Yen
Keyword(s):  
Network Behavior ◽  
Detection Mechanism ◽  
Botnet Detection ◽  
Behavior Based

scholarly journals AppFA: A Novel Approach to Detect Malicious Android Applications on the Network

2018 ◽  
Vol 2018 ◽  
pp. 1-15 ◽  
Author(s):  
Gaofeng He ◽  
Bingfeng Xu ◽  
Haiting Zhu
Keyword(s):  
Network Traffic ◽  
Clustering Algorithm ◽  
Peer Group ◽  
Group Analysis ◽  
Kernel Principal Component Analysis ◽  
Computational Time ◽  
Network Behavior ◽  
Android Apps ◽  
Android Applications ◽  
Behavior Profiles

We propose AppFA, an Application Flow Analysis approach, to detect malicious Android applications (simply apps) on the network. Unlike most of the existing work, AppFA does not need to install programs on mobile devices or modify mobile operating systems to extract detection features. Besides, it is able to handle encrypted network traffic. Specifically, we propose a constrained clustering algorithm to classify apps network traffic, and use Kernel Principal Component Analysis to build their network behavior profiles. After that, peer group analysis is explored to detect malicious apps by comparing apps’ network behavior profiles with the historical data and the profiles of their selected peer groups. These steps can be repeated every several minutes to meet the requirement of online detection. We have implemented AppFA and tested it with a public dataset. The experimental results show that AppFA can cluster apps network traffic efficiently and detect malicious Android apps with high accuracy and low false positive rate. We have also tested the performance of AppFA from the computational time standpoint.

Sign in / Sign up

Export Citation Format

Share Document