Mobile Malware Classification via  System Calls and Permission for GPS Exploitation

Mohd, M. H.; Afif, Muhammad

doi:10.14569/ijacsa.2017.080636

Cited by 6 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the limitation of this approach is that the applications are not classified to their appropriate family but are detected as malware or not which in some cases is not adequate. A classification method using system calls to GPS data is used in another study on a sample of approximately 5,560 malware applications and 500 random applications in which the researchers found 32 related patterns that were used from the malware applications (Saudi, 2017). In a recent study, Arif et al (2021) used a sample of 10,000 Android applications in order to classify malware applications using static analysis.…”

Section: Malware Classificationmentioning

confidence: 99%

Permission-Based Classification of Android Malware Applications Using Random Forest

Chrysikos,

Karampelas,

Xylogiannopoulos

2023

eccws

View full text Add to dashboard Cite

Android is arguably the most widely used mobile operating system in the world. Due to its widespread use, it has attracted a lot of attention of cybercriminals who attempt to exploit its architecture and outsmart innocent users to install malware applications. The number of such applications is growing every day either by alternating a basic exploitation mechanism or by creating novel mechanisms to exfiltrate users’ data. As a result, there is an increasing need for detection mechanisms that can classify these applications to families based on their characteristics. A significant amount of research has already been devoted to analysing and mitigating this growing problem; however, this situation demands more efficient methods with higher precision. The paper proposes such a framework for analysing and classifying a malicious application to certain families relying on the permissions used. The proposed method involves the pre-processing of the applications to extract their permissions, the tokenization of permissions, the data cleansing and finally the application of the Random Forest Classifier to classify the applications in families. The proposed method is trained and tested with a dataset of 11,159 malicious applications categorized in 33 unique families. The precision, recall and f1-score achieved is 98%. The results of the proposed methodology are promising, since it even works in an unbalanced dataset and in many cases outperform other state-of-the-art approaches.

show abstract

Section: Malware Classificationmentioning

confidence: 99%

Permission-Based Classification of Android Malware Applications Using Random Forest

Chrysikos,

Karampelas,

Xylogiannopoulos

2023

eccws

View full text Add to dashboard Cite

show abstract

“…Features such as API and permission are seen as an opportunity for exploitation [3]. Existing works by [4][5][6][7][8][9][10][11][12] showed the significant of API and permission usage for exploitation and malwares detection. These works used different analysis techniques such as static analysis, dynamic analysis or hybrid analysis.…”

Section: Introductionmentioning

confidence: 99%

“…These works used different analysis techniques such as static analysis, dynamic analysis or hybrid analysis. As for work from [12], MalDozer is proposed to detect the malwares in different of IoT devices, with API as the input. Even in 2018, works by [13][14][15][16][17] also applied the API and Permission in their work.…”

Section: Introductionmentioning

confidence: 99%

Detection of Social Media Exploitation via SMS and Camera

Azhar

Saudi

Ahmad

et al. 2019

Int. J. Interact. Mob. Technol.

View full text Add to dashboard Cite

Internet users all over the world are highly exposed to social media exploitation, where they are vulnerable to be targeted by this cyber-attack. Furthermore, excessive use of social media leads to Internet Addiction Disorder (IAD). Fortunately, social media exploitation and IAD can be monitored and controlled closely based on user’s mobile phone surveillance features which are camera, SMS, audio, geolocation (GPS) and call log. Hence to overcome these challenges, this paper presents five (5) Application Programming Interfaces (APIs) and four (4) permissions for SMS and camera that are mostly and widely used with the social media applications. These 9 APIs and permissions matched with 2.7% of the APIs and permissions training dataset that are related with SMS and camera. This experiment was conducted by using hybrid analysis, which inclusive of static analysis and dynamic analysis, with 1926 training dataset from Brunswick. These 9 APIs and permissions, if being misused by the attacker, could lead to privacy concerns of a mobile device. The finding from this paper can be used as a guidance and reference for the formation of new mobile malware detection technique and modeling in future.

show abstract

Classification for iOS Mobile Malware Inspired by Phylogenetic: Proof of Concept

Husainiamer

Saudi

Ahmad

2020

2020 IEEE Conference on Open Systems (ICOS)

View full text Add to dashboard Cite

Mobile Malware Classification via System Calls and Permission for GPS Exploitation

Cited by 6 publications

References 6 publications

Permission-Based Classification of Android Malware Applications Using Random Forest

Permission-Based Classification of Android Malware Applications Using Random Forest

Detection of Social Media Exploitation via SMS and Camera

Classification for iOS Mobile Malware Inspired by Phylogenetic: Proof of Concept

Contact Info

Product

Resources

About