Top Journal

International Journal of Architectural, Civil and Construction Sciences International Journal of Biological, Life and Agricultural Sciences International Journal of Chemical, Materials and Biomolecular Sciences International Journal of Business, Human and Social Sciences International Journal of Earth, Energy and Environmental Sciences International Journal of Electrical, Electronic and Communication Sciences International Journal of Engineering, Mathematical and Physical Sciences International Journal of Medical, Medicine and Health Sciences International Journal of Mechanical, Industrial and Aerospace Sciences International Journal of Information, Control and Computer Sciences

SUGGEST A JOURNAL

Join Scholarly today, and help us improve Open Access Journal database.

+ Sign Up

Advanced Search

A Static Android Malware Detection Based on Actual Used Permissions Combination and API Calls

Year: 2016 Volume: 10 Issue: 9 1652 - 1659 Pages

Abstract: Android operating system has been recognized by most application developers because of its good open-source and compatibility, which enriches the categories of applications greatly. However, it has become the target of malware attackers due to the lack of strict security supervision mechanisms, which leads to the rapid growth of malware, thus bringing serious safety hazards to users. Therefore, it is critical to detect Android malware effectively. Generally, the permissions declared in the AndroidManifest.xml can reflect the function and behavior of the application to a large extent. Since current Android system has not any restrictions to the number of permissions that an application can request, developers tend to apply more than actually needed permissions in order to ensure the successful running of the application, which results in the abuse of permissions. However, some traditional detection methods only consider the requested permissions and ignore whether it is actually used, which leads to incorrect identification of some malwares. Therefore, a machine learning detection method based on the actually used permissions combination and API calls was put forward in this paper. Meanwhile, several experiments are conducted to evaluate our methodology. The result shows that it can detect unknown malware effectively with higher true positive rate and accuracy while maintaining a low false positive rate. Consequently, the AdaboostM1 (J48) classification algorithm based on information gain feature selection algorithm has the best detection result, which can achieve an accuracy of 99.8%, a true positive rate of 99.6% and a lowest false positive rate of 0.

Automatic Intelligent Analysis of Malware Behaviour

Year: 2014 Volume: 8 Issue: 4 690 - 694 Pages

Abstract: In this paper, we describe the use of formal methods to model malware behaviour. The modelling of harmful behaviour rests upon syntactic structures that represent malicious procedures inside malware. The malicious activities are modelled by a formal grammar, where API calls’ components are the terminals and the set of API calls used in combination to achieve a goal are designated non-terminals. The combination of different non-terminals in various ways and tiers make up the attack vectors that are used by harmful software. Based on these syntactic structures a parser can be generated which takes execution traces as input for pattern recognition.