Smartphone malware detection: From a survey towards taxonomy

Amamra, Abdelfattah; Talhi, Chamseddine; Robert, Jean‐Marc

doi:10.1109/malware.2012.6461012

Cited by 31 publications

(31 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Amamra et al [7] performed a survey on malware detection approaches highlighting two broader classes of malware detection: signature and anomalybased. Porter et al [6] performed a survey on malicious characteristics for mobile device malware.…”

Section: Content Leakage and Malwarementioning

confidence: 99%

See 1 more Smart Citation

Content Provider Leakage Vulnerability Detection in Android Applications

Shahriar

Haddad

2014

Proceedings of the 7th International Conference on Security of Information and Networks

View full text Add to dashboard Cite

Although much research effort has focused on Android malware detection, very little attention has been given to implementationlevel vulnerabilities. This paper focuses on Content Provider Leakage vulnerability that can be exploited by viewing or editing sensitive data through malware. We present a new technique for detecting content provider leakage vulnerability. We propose Kullback-Leibler Divergence (KLD) as a measure to detect the content provider leakage vulnerability. In particular, our contribution includes the development of a set of elements and mapping the elements to programming principles for secure implementation of content provider classes. These elements are captured from the implementation to form the initial population set. The population set is used to measure the divergence of a newly implemented application with content provider to identify potential vulnerabilities. We also apply a back-off smoothing technique to compute the KLD value. We implement a java prototype tool to evaluate a set of content provider implementations to show the effectiveness of the proposed approach. The initial results show that by choosing an appropriate threshold level, KLD is an effective method for detecting content provider leakage vulnerability.

show abstract

Section: Content Leakage and Malwarementioning

confidence: 99%

“…To date, most research work has been devoted to understand Android malware behaviors for classification [6][7][8] and detection [9][10][11][12][13][14][15][16] purposes. However, very few research efforts [17][18][19] have addressed the issue of content provider leakage vulnerabilities and their automatic detection.…”

Section: Introductionmentioning

confidence: 99%

Content Provider Leakage Vulnerability Detection in Android Applications

Shahriar

Haddad

2014

Proceedings of the 7th International Conference on Security of Information and Networks

View full text Add to dashboard Cite

show abstract

“…The detection is based on analyzing the malware program responsible for performing the SMS-based attack. The proposed solutions have been classified as signature-based approach and anomaly-based approach [8].…”

Section: Related Workmentioning

confidence: 99%

Third line of defense strategy to fight against SMS-based malware in android smartphones

Derhab

Saleem

Youssef

2014

2014 International Wireless Communications and Mobile Computing Conference (IWCMC)

View full text Add to dashboard Cite

In this paper, we inspire from two analogies: the warfare kill zone and the airport check-in system, to design and deploy a new line in the defense-in-depth strategy, called the third line. This line is represented by a security framework, named the Intrusion Ambushing System and is designed to tackle the issue of SMS-based malware in the Android-based Smartphones. The framework exploits the security features offered by Android operating system to prevent the malicious SMS from going out of the phone and detect the corresponding SMS-based malware. We show that the proposed framework can ensure full security against SMS-based malware. In addition, an analytical study demonstrates that the framework offers optimal performance in terms of detection time and execution cost in comparison to intrusion detection systems based on static and dynamic analysis.

show abstract

“…Thereby, the need of malware detection tool is now more curial. Smartphone malware detection techniques are classified broadly into two main classes: signature-based and anomaly-based [2]. Signature-based techniques look for patterns that match with malware patterns in their database.…”

Section: Introductionmentioning

confidence: 99%

“…Signature-based techniques look for patterns that match with malware patterns in their database. Anomaly-based techniques maintain normal behavior profiles and any deviation from these profiles is considered malicious [2]. The main advantage of anomaly detection techniques is the ability to detect unknown malwares.…”

Section: Introductionmentioning

confidence: 99%

Impact of Dataset Representation on Smartphone Malware Detection Performance

Amamra

Talhi

Robert

2013

Trust Management VII

Self Cite

View full text Add to dashboard Cite

Abstract. Improving Smartphone anomaly-based malware detection techniques is widely studied in recent years. Previous studies explore three factors: dataset size, dataset type and normal profile model. These factors improve the performance, but increase computation complexity and the required memory space. In this paper we explore a new factor: the dataset representation. Dataset representation is the format adopted to organize and represent data. To investigate the impact of this factor, we examine four machine learning classifiers with three different dataset representations. Those dataset representations are: successive system calls, bag of system calls and patterns frequency system calls. The used dataset is a collection of system call traces of Smartphone executing Android 2.2. We analyse the performance of each classifier and deduce the influence of dataset representation on accuracy and false positive rates. The results show that the dataset representation has a potential impact on the performance of classifiers with low computational and memory cost.

show abstract

Smartphone malware detection: From a survey towards taxonomy

Cited by 31 publications

References 17 publications

Content Provider Leakage Vulnerability Detection in Android Applications

Content Provider Leakage Vulnerability Detection in Android Applications

Third line of defense strategy to fight against SMS-based malware in android smartphones

Impact of Dataset Representation on Smartphone Malware Detection Performance

Contact Info

Product

Resources

About