Computer Science

Computer Science ›› 2017, Vol. 44 ›› Issue (4): 135-139.doi: 10.11896/j.issn.1002-137X.2017.04.029

Previous Articles     Next Articles

Detecting Malware by Combining API and Permission Features

SHAO Shu-di, YU Hui-qun and FAN Gui-sheng   

  • Online:2018-11-13 Published:2018-11-13

PDF (PC)

997

Abstract: With the use of Android OS,the number of Android applications is getting larger and larger.Therefore,how to detect malware is very important for protecting the mobile phone security.In this paper,we extracted API feature and permission feature by reverse-engineering the apk files respectively.Then,the two features are combined into a feature set.Finally,with different classification algorithms,the malwares can be detected.As a result,compared to single API or permission feature,higher detecting accuracy is gotten,which shows that the feature combination of permission and API is more efficient in detecting malicious Android applications.

Key words: API,Permission,Feature set,Android applications,Malware detection

[1] Smartphone OS Market Share.http://www.idc.com/pro-dserv/smartphone-os-market-share.jsp.
[2] Googel Play States.http://www.appbrain.com/stats/st-ats-index.
[3] FELT A P,HA E,EGELMAN S,et al.Android permissions:User attention,comprehension,and behavior[C]∥Proceedings of the 8th Symposium on Usable Privacy and Security.2012:1-14.
[4] BARRERA D,KAYACIK H G,VAN OORSCHOT PC,et al.A methodology for empirical analysis of permission-based security models and its application to android[C]∥Proceedings of the 17th ACM Conference on Computer and Communications Securi-ty.2010:73-84.
[5] FELT A P,CHIN E,HANNA S,et al.Android permissions demystified[C]∥Proceedings of 18th ACM Conference on Computer and Communications Security.2011:627-638.
[6] WANG W,WANG X,FENG D W,et al.Exploring Permission-Induced Risk in Android Applications for Malicious Application Detection[J].IEEE Transaction On Information Forensics and Security,2014,9(11):1869-1882.
[7] NISHIMOTO Y,KAJIWARA N,MATSUMOTO S,et al.Detection of Android API Call Using Logging Mechanism within Android Framework[C]∥International Conference on Security and Privacy in Communication Systems.2013:393-404.
[8] AAFER Y,DU W L,YIN H.DroidAPIMiner:Mining API-Le-vel Features for Robust Malware Detection in Android[C]∥Proceedings of International Conference on Security and Privacy in Communication Networks.2013:86-103.
[9] GENEIATAKIS D,FOVINO I N,KOUNELIS I,et al.A Permission verification approach for android mobile applications[J].Computers & Security,2015,49:192-205.
[10] APK.https://zh.wikipedia.org/wiki/APK.
[11] Package Index.http://developer.android.com/reference/packages.html.
[12] Virusshare[OL.]http://virusshare.com.
[13] Virustotal.https://www.virustotal.com.
[14] ZHANG R.Research on Malware Detecting based on Static Analysis under Android Environment [D].Chongqing:Chongqing University,2014.(in Chinese) 张锐.Android环境下恶意软件静态检测方法研究[J].重庆:重庆大学,2014.
[15] ZHOU Y J,JIANG X X.Dissecting android malware:Characteri-zation and evolution[C]∥Proceedings of the IEEE Symposium on Security and Privacy.2012:1063-1069.
[16] XING L Y,PAN X R,WANG R,et al.Upgrading your android,elevating my malware:privilege escalation through mobile os updating[C]∥Proceedings of the 35th IEEE Symposium on Security and Privacy.2014:393-408.
[17] PANDITA R,XIAO X S,YANG W,et al.Whyper:towards automating risk assessment of mobile applications[C]∥Procee-dings of the 22nd USENIX Conference on Security.2013:527-542.
[18] WERTHMANN T,HUND R,DAVI L,et al.Psios:bring your own privacy and security to ios devices[C]∥Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security.2013:13-24.
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.