Android malware detection based on system call sequences and LSTM

2017 ◽ Vol 78 (4) ◽ pp. 3979-3999 ◽ Author(s): Xi Xiao, Shaofeng Zhang, Francesco Mercaldo, Guangwu Hu, Arun Kumar Sangaiah

2016 ◽ Vol 12 (3) ◽ pp. 157 ◽ Author(s): Ying-Dar Lin, Chun-Ying Huang

Android is one of the most popular operating systems used in mobile devices. Its popularity also renders it a common target for attackers. We propose an efficient and accurate three-phase behavior-based approach for detecting and classifying malicious Android applications. In the proposed approach, the first two phases detect a malicious application and the final phase classifies the detected malware. The first phase quickly filters out benign applications based on requested permissions, and the remaining samples are passed to the slower second phase, which detects malicious applications based on system call sequences. The final phase classifies malware into known or unknown types based on behavioral or permission similarities. Our contributions are three-fold: First, we propose a self-contained approach for Android malware identification and classification. Second, we show that permission requests from an application are beneficial to benign application filtering. Third, we show that system call sequences generated from an application running inside a virtual machine can be used for malware detection. The experimental results indicate that the multi-phase approach is more accurate than the single-phase approach. The proposed approach registered true positive and false positive rates of 97% and 3%, respectively. In addition, more than 98% of the samples were correctly classified into known or unknown types of malware based on permission similarities. We believe that our findings shed some light on the future development of malware detection and classification.


Author(s): Yao-Saint Yen, Hung-Min Sun

Smartphones, and the Android platform in particular, have already reached an eighty percent market share; according to the aforementioned report, this makes Android the attackers' primary target. With a growing amount of private data stored on smartphones and weak defensive measures, attackers can attack users' smartphones in multiple ways (e.g., using different coding styles to confuse malware detection software). Existing Android malware detection methods use multiple features, such as safety sensor API, system calls, control flow structure and data information flow, and then use machine learning to decide whether an app is malware or not. Each of these features captures distinctive properties of an app but also has limitations: it may suit some specific attacks but not others. Most current malware detection methods use only one of the aforementioned features and mostly analyze code; faced with code obfuscation and zero-day attacks, these feature extraction methods may produce wrong judgments. It is therefore necessary to design an effective analysis technique to prevent malware. In this paper, we use the importance of words from the APK: because of code obfuscation, some malware authors only rename variables, which general static analysis would not judge correctly. We then pass these importance values through our proposed method to generate an image, and finally use a convolutional neural network to determine whether the APK file is malware or not.


2020 ◽ Vol 14 ◽ Author(s): Meghna Dhalaria, Ekta Gandotra

Purpose: This paper provides the basics of Android malware, its evolution, and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and to identify the research gaps. It provides the insights obtained through the literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. Ongoing research aims to overcome the constraints of earlier approaches for malware detection. As evolving malware is complex and sophisticated, earlier approaches such as signature-based and machine-learning-based ones are not able to identify it in a timely and accurate manner. The findings from the review show various limitations of earlier techniques, i.e., they require more detection time, have high false positive and false negative rates, have low accuracy in detecting sophisticated malware, and are less flexible. Originality/value: This paper provides a systematic and comprehensive review of the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, and tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying Android malware.


2014 ◽ Vol 11 (8) ◽ pp. 1-14 ◽ Author(s): Ping Xiong, Xiaofeng Wang, Wenjia Niu, Tianqing Zhu, Gang Li
