Open Access
Subscription Access
Android Malware Detection in Official and Third Party Application Stores
Android is one of the most popular operating system for mobile devices and tablets. The growing number of Android users and open source nature of this platform has also attracted attackers to target Android devices. This paper presents the static and dynamic analysis of the Android applications in order to detect malware. In this work, we have performed permission based and behavioural based filtering of Android applications with the help of malware analysis tools. Our results revel that 80% of the applications request for dangerous permissions. 13% applications consist of malicious activities. Most of the applications are interested in the device data like contact lists, IMEI, IMSI, SMS etc. These results clearly indicate the need for better security measures for Android apps.
Keywords
Android Malware, Static Analysis, Dynamic Analysis, Permissions, Applications.
User
Font Size
Information
- A. P. Felt, K. Greenwood, and D. Wagner, The effectiveness of install-time permission systems for thirdparty applications, Technical report, University of California at Berkeley, UCB/EECS-2010-143, Dec 2010.
- D. Barrera, H. G. Kayacik, P. C. van Oorschot, and A. Somayaji, A methodology for empirical analysis of permission-based security models and its application to android, Proc. 17th ACM conference on Computer and communications security, ACM, New York, 2010, 73–84.
- A.P. Felt , E. Chin., S. Hanna, D. Song , D. Wagner, Android permissions demystified, Proc. 8th ACM conference on Computer and communications security, New York, USA. 2011b. 627-638.
- Y. Zhou and X. Jiang, Dissecting android malware: Characterization and evolution, Proc. IEEE Symposium on Security and Privacy, San Francisco, CA, USA, 2012, 95–109.
- A. P. Felt, M. Finifter, E. Chin, D. Wagner, A Survey of Mobile Malware in the Wild, Proc. 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM '11), ACM, New York, USA, 2011, 3-14
- Y. Zhou, Z. Wang, W. Zhou, and X. Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative Android markets. Proceedings of the 19th Network and Distributed System Security Symposium, San Diego, CA, 317-326.
- M. Grace, Y. Zhou, Q. Zhang, S. Zou and X. Jiang , Riskranker: scalable and accurate zero-day android malware detection, Proc. International Conference on Mobile Systems, Applications, and Services, London, UK, 2012, 281–294.
- X. Wei, L. Gomez, I. Neamtiu, and M. Faloutsos, Malicious android applications in the enterprise: What do they do and how do we fix it?1, Proc. IEEE 28th International Conference on Data Engineering Workshops (ICDEW), 251–254, 2012.
- S. Holavanalli, D. Manuel, V. Nanjundaswamy, B. Rosenberg, F. Shen, S. Y. Ko, and L. Ziarek, Flow permissions for android, Proc. 28th IEEE/ACM International Conference on Automated Software Engineering (ASE), 2013, 652–657,2013.
- Y. Zhang, M. Yang, B. Xu, Z. Yang, G. Gu, P. Ning, X. S. Wang, and B. Zang, Vetting undesirable behaviors in android apps with permission use analysis, Proc. 2013 ACM SIGSAC Conference on Computer & Communications Security, 611–622, 2013.
- P. Faruki, V. Ganmoor, V. Laxmi, M. S. Gaur, and A. Bharmal, Androsimilar: Robust statistical feature signature for android malware detection, Proc. International Conference on Security of Information and Networks (SIN’13), Aksaray, Turkey. ACM, 2013, 152– 159
- B. Rashidi, C. Fung, and T. Vu, Recdroid: A resource access permission control portal and recommendation service for smartphone users, Proc. 2014 ACM MobiCom Workshop on Security and Privacy in Mobile Environments (SPME’14), Maui, Hawaii, USA, 2014, 13– 18.
- A. R. Beresford, A. Rice, N. Skehin, and R. Sohan, Mockdroid: Trading privacy for application functionality on smartphones, Proc. 12th Workshop on Mobile Computing Systems and Applications (HotMobile’11), Phoenix, Arizona, USA. ACM, 2011, 49–54.
- I. Burguera, U. Zurutuza, and S. Nadjm-Tehrani, Crowdroid: Behavior-based malware detection system for android, Proc. 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM’11), Chicago, Illinois, USA, 2011, 15–26.
- Z. Aung, and W. Zaw, Permission-based Android malware detection, International Journal of Scientific & Technology Research, 2(3), 2013
- S. Ryo, D. Chiba, and S. Goto, Detecting Android Malware by Analyzing Manifest Files, Proc. Asia-Pacific Advanced Network , 2013, 23-31
- S. Rani, and K. Dhindsa, Behavioural Characterization of Android Malware to Detect Similar Malware, International Journal of Research in Electronics and Computer Engineering, 5(4), 2017, pp. 509-514
- A. Kapratwar, Static and Dynamic Analysis of Android Malware, Proc. 1st International Workshop on FORmal methods for Security Engineering In conjunction with the 3rd International Conference on Information Systems Security and Privacy, Porto, Portugal, 2017
- F. Yuhui, and X. Ning, The Analysis of Android Malware Behaviors, International Journal of Security and Its Applications, 9(3), 2015, 335-346
Abstract Views: 183
PDF Views: 1