A Novel Dynamic Android Malware
With the popularity of Android smartphones, malicious applications targeting the Android platform have increased explosively. Proposing effective Android malware detection methods to prevent the spread of malware has become an emerging issue. Various features extracted through static and dynamic analysis, in conjunction with machine learning algorithms, have been the mainstream in large-scale malware identification. In general, static analysis becomes invalid in detecting applications which adopt sophisticated obfuscation techniques like encryption or dynamic code loading. However, dynamic analysis is suitable for dealing with these evasion techniques. In this paper, we propose an effective dynamic analysis framework, called EnDroid, with the aim of implementing highly precise malware detection based on multiple types of dynamic behavior features. These features cover system-level behavior traces and common application-level malicious behaviors like personal information stealing, premium service subscription, and malicious service communication. In addition, EnDroid adopts a feature selection algorithm to remove noisy or irrelevant features and extract critical behavior features. Extracting behavior features through a runtime monitor, EnDroid is able to distinguish malicious from benign applications with an ensemble learning algorithm. Through experiments, we prove the effectiveness of EnDroid on two datasets. Furthermore, we find that Stacking achieves the best classification performance and is promising in Android malware detection.
In this paper, we present a novel dynamic analysis framework, called EnDroid, which automatically extracts multiple types of dynamic behavior features to implement effective malware detection. We apply the chi-square feature selection algorithm to remove irrelevant or noisy features and extract critical features. These critical features help to identify risky behaviors in real-world applications. EnDroid then applies Stacking to implement effective malware detection. On two datasets, we verify the Android detection performance of EnDroid with different feature spaces, various machine learning algorithms and different feature selection algorithms. The experimental results show that Stacking achieves the best classification performance and is promising in Android malware detection.
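The chi-square selection step described above can be sketched as follows. This is an added example, not EnDroid's own code: the behavior feature names and the eight sample traces are constructed for illustration, and each trace is assumed to be reduced to a set of binary behavior features.

```python
from collections import Counter

# Constructed data: each sample is the set of behavior features observed at
# runtime. Feature names are hypothetical, not EnDroid's feature vocabulary.
SAMPLES = [
    {"syscall:open", "leak:device_id", "sms:premium_number", "net:443"},
    {"syscall:open", "leak:device_id", "sms:premium_number", "net:443"},
    {"syscall:open", "leak:device_id", "sms:premium_number"},
    {"syscall:open", "leak:device_id"},
    {"syscall:open", "net:443"},
    {"syscall:open", "net:443"},
    {"syscall:open"},
    {"syscall:open"},
]
LABELS = [1, 1, 1, 1, 0, 0, 0, 0]  # 1 = malicious, 0 = benign

def chi_square(samples, labels, feature):
    """Chi-square statistic of one binary feature against the class label."""
    n = len(samples)
    # 2x2 contingency table keyed by (feature present?, label)
    obs = Counter((feature in s, y) for s, y in zip(samples, labels))
    a, b = obs[(True, 1)], obs[(True, 0)]    # present in malware / benign
    c, d = obs[(False, 1)], obs[(False, 0)]  # absent in malware / benign
    denom = (a + b) * (c + d) * (a + c) * (b + d)
    if denom == 0:
        # Feature is constant (or only one class exists): no information.
        return 0.0
    return n * (a * d - b * c) ** 2 / denom

def select_features(samples, labels, k):
    """Return the k highest-scoring (score, feature) pairs."""
    vocab = sorted(set().union(*samples))
    scored = [(chi_square(samples, labels, f), f) for f in vocab]
    scored.sort(key=lambda t: (-t[0], t[1]))  # score descending, name as tiebreak
    return scored[:k]

if __name__ == "__main__":
    for score, name in select_features(SAMPLES, LABELS, 2):
        print(f"{score:5.2f}  {name}")
```

Features seen in every trace (`syscall:open`) or spread evenly across both classes (`net:443`) score zero and are dropped, which is the noise-removal effect the paragraph describes.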
Despite the effectiveness of EnDroid, several issues remain to be resolved. Our future work will focus on addressing the following problems. EnDroid only takes IP and port as features for network operations, which will miss network-based malware. We would investigate automatically combining a network traffic analysis tool to deeply analyze malicious network behaviors and implement more accurate malware detection. While our dynamic analysis is precise, it can only detect malicious behaviors executed during the analysis. We would investigate combining input generator tools such as IntelliDroid [39] to improve the coverage of dynamic analysis. Finally, we plan to integrate complex learning algorithms like hidden Markov models and deep learning into EnDroid to implement more accurate malware detection.