Analysis of Android Malware Using Data Replication Features Extracted by Machine Learning Tools

Author(s):  
Chandrashekhar Uppin ◽  
Gilbert George

In this era of technology, the smartphone plays a vital role in an individual's life. Nowadays, we tend to use smartphones for storing critical information such as banking details and documents, because it makes that information portable. Android is the most preferred type of operating system for smartphones according to consumer buying interest. But Android is also the main target of malware, as it is the most vulnerable because of its third-party customization support, which results in identity theft, Denial of Service (DoS), ransomware attacks, etc. In this work, we present the identification of the Android malware called MysteryBot, together with static and dynamic analysis results. MysteryBot is a banking Trojan. Some recommended steps to make your Android device safe from such kinds of malware infections are also explained in this paper.

2020 ◽  
Vol 2020 (3) ◽  
pp. 222-242 ◽  
Author(s):  
Catherine Han ◽  
Irwin Reyes ◽  
Álvaro Feal ◽  
Joel Reardon ◽  
Primal Wijesekera ◽  
...  

Abstract

It is commonly assumed that “free” mobile apps come at the cost of consumer privacy and that paying for apps could offer consumers protection from behavioral advertising and long-term tracking. This work empirically evaluates the validity of this assumption by comparing the privacy practices of free apps and their paid premium versions, while also gauging consumer expectations surrounding free and paid apps. We use both static and dynamic analysis to examine 5,877 pairs of free Android apps and their paid counterparts for differences in data collection practices and privacy policies between pairs. To understand user expectations for paid apps, we conducted a 998-participant online survey and found that consumers expect paid apps to have better security and privacy behaviors. However, there is no clear evidence that paying for an app will actually guarantee protection from extensive data collection in practice. Given that the free version had at least one third-party library or dangerous permission, respectively, we discovered that 45% of the paid versions reused all of the same third-party libraries as their free versions, and 74% of the paid versions had all of the dangerous permissions held by the free app. Likewise, our dynamic analysis revealed that 32% of the paid apps exhibit all of the same data collection and transmission behaviors as their free counterparts. Finally, we found that 40% of apps did not have a privacy policy link in the Google Play Store and that only 3.7% of the pairs that did reflected differences between the free and paid versions.


2021 ◽  
pp. 1-25
Author(s):  
Hector David Menendez

"Antivirus is dead", and probably so is every detection system that focuses on a single strategy for indicators of compromise. This famous quote, which Brian Dye, Symantec's senior vice president, made in 2014, is the best representation of the current situation in malware detection and mitigation. Concealment strategies have evolved significantly in recent years, not just the classical ones based on polymorphic and metamorphic methodologies, which killed the signature-based detection that antiviruses use, but also the capabilities of fileless malware, i.e. malware resident only in volatile memory, which makes every disk analysis senseless. This review provides a historical background of the different concealment strategies introduced to protect malicious, and not necessarily malicious, software from different detection or analysis techniques. It covers binary, static and dynamic analysis, and also new strategies based on machine learning from both perspectives, the attackers' and the defenders'.


2013 ◽  
Vol 756-759 ◽  
pp. 2220-2225 ◽  
Author(s):  
Luo Xu Min ◽  
Qing Hua Cao

The most serious threats to Android users come from applications. However, the market lacks a mechanism to validate whether these applications are malware or not. So malware may leak users' private information, make malicious deductions by sending premium SMS, gain root privilege on the Android system, and so on. In the traditional method of malware detection, the signature is the only basis. It is far from enough. In this paper, we propose a runtime-based behavior dynamic analysis for Android malware detection. The new scheme can be implemented as a system. We analyze 350 applications from a third-party Android market; the results show that our system can effectively detect unknown malware and the malicious behavior of malware.


2014 ◽  
Vol 14 (2) ◽  
pp. 141-153 ◽  
Author(s):  
Michael Spreitzenbarth ◽  
Thomas Schreck ◽  
Florian Echtler ◽  
Daniel Arp ◽  
Johannes Hoffmann

Symmetry ◽  
2020 ◽  
Vol 12 (7) ◽  
pp. 1128 ◽  
Author(s):  
Vasileios Kouliaridis ◽  
Georgios Kambourakis ◽  
Dimitris Geneiatakis ◽  
Nektaria Potha

The openness of the Android operating system and its immense penetration into the market make it a hot target for malware writers. This work introduces Androtomist, a novel tool capable of symmetrically applying static and dynamic analysis of applications on the Android platform. Unlike similar hybrid solutions, Androtomist capitalizes on a wealth of features stemming from static analysis along with rigorous dynamic instrumentation to dissect applications and decide whether they are benign or not. The focus is on anomaly detection using machine learning, but the system is able to autonomously conduct signature-based detection as well. Furthermore, Androtomist is publicly available as open source software and can be straightforwardly installed as a web application. The application itself is dual mode, that is, fully automated for the novice user and configurable for the expert one. As a proof of concept, we meticulously assess the detection accuracy of Androtomist against three different popular malware datasets and a handful of machine learning classifiers. We particularly concentrate on the classification performance achieved when the results of static analysis are combined with dynamic instrumentation vis-à-vis static analysis only. Our study also introduces an ensemble approach by averaging the output of all base classification models per malware instance separately, and provides deeper insight into the most influential features regarding the classification process. Depending on the employed dataset, for hybrid analysis, we report notably promising to excellent results in terms of the accuracy, F1, and AUC metrics.


Author(s):  
Pallavi Khatri ◽  
Animesh Kumar Agrawal ◽  
Aman Sharma ◽  
Navpreet Pannu ◽  
Sumitra Ranjan Sinha

Mobile devices and their use are rapidly growing to their zenith in the market. Android devices are the most popular and handy when it comes to mobile devices. With the rapid increase in the use of Android phones, more applications are available to users. Through these alluring multi-functional applications, cyber criminals are stealing personal information and tracking the activities of users. This chapter presents a two-way approach for finding malicious Android packages (APKs) by analyzing different Android applications through static and dynamic analysis. Three cases are considered depending upon the severity level of the APK, the permission-based protection level, and the dynamic analysis of the APK, for creating the dataset for further analysis. Subsequently, supervised machine learning techniques such as naive Bayes multinomial text, REPtree, voted perceptron, and SGD text are applied to the dataset to classify the selected APKs as malicious, benign, or suspicious.


Information ◽  
2020 ◽  
Vol 11 (9) ◽  
pp. 433
Author(s):  
Fabrizio Cara ◽  
Michele Scalas ◽  
Giorgio Giacinto ◽  
Davide Maiorca

Due to its popularity, the Android operating system is a critical target for malware attacks. Multiple security efforts have been made on the design of malware detection systems to identify potentially harmful applications. In this sense, machine learning-based systems, leveraging both static and dynamic analysis, have been increasingly adopted to discriminate between legitimate and malicious samples due to their capability of identifying novel variants of malware samples. At the same time, attackers have been developing several techniques to evade such systems, such as the generation of evasive apps, i.e., carefully perturbed samples that can be classified as legitimate by the classifiers. Previous work has shown the vulnerability of detection systems to evasion attacks, including those designed for Android malware detection. However, most works neglected to bring the evasive attacks onto the so-called problem space, i.e., by generating concrete Android adversarial samples, which requires preserving the app’s semantics and being realistic for human expert analysis. In this work, we aim to understand the feasibility of generating adversarial samples specifically through the injection of system API calls, which are typical discriminating characteristics for malware detectors. We perform our analysis on a state-of-the-art ransomware detector that employs the occurrence of system API calls as features of its machine learning algorithm. In particular, we discuss the constraints that are necessary to generate real samples, and we use techniques inherited from interpretability to assess the impact of specific API calls on evasion. We assess the vulnerability of such a detector against mimicry and random noise attacks. Finally, we propose a basic implementation to generate concrete and working adversarial samples. The attained results suggest that injecting system API calls could be a viable strategy for attackers to generate concrete adversarial samples. However, we point out the low suitability of mimicry attacks and the necessity to build more sophisticated evasion attacks.

