NTPDroid: A Hybrid Android Malware Detector Using Network Traffic and System Permissions

Arora, Anshul; Peddoju, Sateesh K.

doi:10.1109/trustcom/bigdatase.2018.00115

Cited by 49 publications

(23 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…NTPDroid ( Arora & Peddoju, 2018 ) is a model using Android permissions and network traffic-based features. The aim is to determine the probability of malicious behavior.…”

Section: Literature Reviewmentioning

confidence: 99%

AndroAnalyzer: android malicious software detection based on deep learning

Arslan¹

2021

PeerJ Computer Science

View full text Add to dashboard Cite

Background Technological developments have a significant effect on the development of smart devices. The use of smart devices has become widespread due to their extensive capabilities. The Android operating system is preferred in smart devices due to its open-source structure. This is the reason for its being the target of malware. The advancements in Android malware hiding and detection avoidance methods have overridden traditional malware detection methods. Methods In this study, a model employing AndroAnalyzer that uses static analysis and deep learning system is proposed. Tests were carried out with an original dataset consisting of 7,622 applications. Additional tests were conducted with machine learning techniques to compare it with the deep learning method using the obtained feature vector. Results Accuracy of 98.16% was achieved by presenting a better performance compared to traditional machine learning techniques. Values of recall, precision, and F-measure were 98.78, 99.24 and 98.90, respectively. The results showed that deep learning models using trace-based feature vectors outperform current cutting-edge technology approaches.

show abstract

“…NTPDroid ( Arora & Peddoju, 2018 ) is a model using Android permissions and network traffic-based features. The aim is to determine the probability of malicious behavior.…”

Section: Literature Reviewmentioning

confidence: 99%

AndroAnalyzer: android malicious software detection based on deep learning

Arslan¹

2021

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…In [40], the authors presented the ‗AdDroid model' that detects malicious activities on a device by analyzing Android actions such as uploading of a file to a server, internet connections, installing packages on the device, etc. In [41], Android malware was detected by observing run-time-related events along with sensitive APIs and permissions by Zhu et al Apart from this, the authors in [42] and [43] proposed two absolutely different hybrid detection techniques by merging and combining the permissions with network traffic features. On similar lines, the authors in [44], [45], and [46] worked on malware detection by analyzing the combination of static and dynamic features.…”

Section: Hybrid Detectionmentioning

confidence: 99%

Blockchain Based Detection of Android Malware using Ranked Permissions

Gupta

Sethi

Chaudhary

et al. 2021

IJEAT

Self Cite

View full text Add to dashboard Cite

Android mobile devices are a prime target for a huge number of cyber-criminals as they aim to create malware for disrupting and damaging the servers, clients, or networks. Android malware are in the form of malicious apps, that get downloaded on mobile devices via the Play Store or third-party app markets. Such malicious apps pose serious threats like system damage, information leakage, financial loss to user, etc. Thus, predicting which apps contain malicious behavior will help in preventing malware attacks on mobile devices. Identifying Android malware has become a major challenge because of the ever-increasing number of permissions that applications ask for, to enhance the experience of the users. And most of the times, permissions and other features defined in normal and malicious apps are generally the same. In this paper, we aim to detect Android malware using machine learning, deep learning, and natural language processing techniques. To delve into the problem, we use the Android manifest files which provide us with features like permissions which become the basis for detecting Android malware. We have used the concept of information value for ranking permissions. Further, we have proposed a consensus-based blockchain framework for making more concrete predictions as blockchain have high reliability and low cost. The experimental results demonstrate that the proposed model gives the detection accuracy of 95.44% with the Random Forest classifier. This accuracy is achieved with top 45 permissions ranked according to Information Value.

show abstract

“…Few solutions exist in the literature that have used hybrid attributes to detect Android malware. Kabakus et al [32] analyzed permissions and the network traffic of the samples and observed that malware samples generate the lesser number of API calls with permissions as compared to the normal ones. The authors in [33] analyzed manifest file components, system calls, and the network traffic to detect malicious activity on smartphones.…”

Section: Hybrid Solutionsmentioning

confidence: 99%

A Hybrid Model for Android Malware Detection

Malik*¹,

Goyal²,

Malik³

2019

IJITEE

View full text Add to dashboard Cite

Android malware have risen exponentially over the past few years, posing several serious threats such as system damage, financial loss, and mobile botnets. Various detection techniques have been proposed in the literature for Android malware detection. Some of the techniques analyze static parameters such as permissions, or intents, whereas, others focus on dynamic parameters such as network traffic or system calls. Static techniques are relatively easier to implement, however, stealthy recent malware evade static detection by virtue of update attacks. Dynamic detection can be used to detect such stealthy malware, however, it increases the computation overhead. Hence, both kinds of techniques have their own advantages and disadvantages. In this paper, we have proposed an innovative hybrid detection model that uses both static and dynamic features for malware analysis and detection. We first rank the static and dynamic parameters according to the information gain and then apply machine learning algorithms in the testing phase. The results indicate that hybrid approach is better than both static and dynamic approaches and the proposed model achieves 98.9% detection accuracy with Decision Tree classifier

show abstract

NTPDroid: A Hybrid Android Malware Detector Using Network Traffic and System Permissions

Cited by 49 publications

References 16 publications

AndroAnalyzer: android malicious software detection based on deep learning

AndroAnalyzer: android malicious software detection based on deep learning

Blockchain Based Detection of Android Malware using Ranked Permissions

A Hybrid Model for Android Malware Detection

Contact Info

Product

Resources

About