TY - GEN
T1 - Native malware detection in smartphones with android OS using static analysis, feature selection and ensemble classifiers
AU - Morales-Ortega, S.
AU - Escamilla-Ambrosio, P. J.
AU - Rodríguez-Mota, A.
AU - Coronado-De-Alba, L. D.
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2017/3/28
Y1 - 2017/3/28
N2 - The use of Smartphones (SPs) with Android Operating System (AOS) has reached unprecedented popularity. This is due to the many features that these devices offer, such as Internet connection and storage of information, as well as the ability to perform diverse online transactions. As a result, these devices have become the main target of malware attacks that try to exploit the security vulnerabilities of AOS. Therefore, in order to mitigate these attacks, methods for malware analysis and detection are needed. In this work a method for analysis and detection of malware, which can run natively in the device, is proposed. The approach can analyze applications already installed on the device and monitor new app installations or updates. Static analysis is used to determine the permissions, hardware and software features requested by applications. An application being analyzed is classified as malware or benign using a model based on ensemble machine learning classifiers and feature selection algorithms. To validate the proposed method, 1377 malware samples and 1377 benign samples, collected from different sources, were used. Results show that the proposed approach detects malware with 96.26% accuracy. Additional tests were conducted on three different SP devices to validate malware detection performance in a real environment and to obtain an average execution time. Results of these tests show that the proposed method detects malware with 94.48% accuracy, getting the analysis results of an application in 35 milliseconds.
UR - http://www.scopus.com/inward/record.url?scp=85018191476&partnerID=8YFLogxK
U2 - 10.1109/MALWARE.2016.7888731
DO - 10.1109/MALWARE.2016.7888731
M3 - Conference contribution
AN - SCOPUS:85018191476
T3 - 2016 11th International Conference on Malicious and Unwanted Software, MALWARE 2016
SP - 67
EP - 74
BT - 2016 11th International Conference on Malicious and Unwanted Software, MALWARE 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 11th International Conference on Malicious and Unwanted Software, MALWARE 2016
Y2 - 18 October 2016 through 21 October 2016
ER -