Computer Science ›› 2017, Vol. 44 ›› Issue (Z11): 317-321. doi: 10.11896/j.issn.1002-137X.2017.11A.067


Android Static Analysis System Based on Signature and Data Flow Pattern Mining

NING Zhuo, SHAO Da-cheng, CHEN Yong and SUN Zhi-xin   

  • Online: 2018-12-01 Published: 2018-12-01

Abstract: As Android malware becomes more resistant to detection, traditional static analysis faces several problems. Signature analysis is fast, but it is weakened by repackaging and code obfuscation. Data flow analysis is preferred for its high accuracy, but it is criticized for its high resource cost. To address these problems, a new static analysis system is proposed that combines an improved multi-signature analysis with a data flow mining method to find a balance between accuracy and efficiency. The multi-signature analysis is improved by using signatures of classes and methods, and frequent data flow patterns are mined from malware to avoid manual detection. The results show that the system is better able to handle repackaging and code obfuscation, and that the overall detection accuracy approaches 88%.

Key words: Static analysis, Android malware, Signature detection, Data flow pattern mining
