Effectiveness of opcode ngrams for detection of multi family android malware

Proceedings - 10th International Conference on Availability, Reliability and Security, ARES 2015

Volumn , Issue , 2015, Pages 333-340

  Canfora, Gerardo ^a   De Lorenzo, Andrea ^b   Medvet, Eric ^b   Mercaldo, Francesco ^a   Visaggio, Corrado Aaron ^a  

^a UNIVERSITY OF SANNIO   (Italy)

^b UNIVERSITY OF TRIESTE   (Italy)

Author keywords

Android; Machine learning; Malware

Indexed keywords

ARTIFICIAL INTELLIGENCE; COMPUTER CRIME; LEARNING SYSTEMS; MALWARE;

ANDROID; ANDROID MALWARE; ANDROID PLATFORMS; DETECTION RATES; MALWARE FAMILIES; MOBILE PLATFORM; ON STATE; WIDE DIFFUSION;

ANDROID (OPERATING SYSTEM);

EID: 84961574697     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ARES.2015.57     Document Type: Conference Paper

References (41)

1. On the effectiveness of malware protection on android. http://www. aisec. fraunhofer. de/content/dam/aisec/Dokumente/Publikationen/Studien TechReports/deutsch/042013-Technical-Report-Android-Virus-Test. pdf, last visit 20 April 2015.
2. Mobile threat report. https: //www. f-secure. com/documents/996508/1030743/Threat Report H1 2014. pdf, last visit 20 April 2015.
3. Gartner predicts by 2017, half of employers will require employees to supply their own device for work purposes. http://www. gartner. com/newsroom/id/2466615, last visit 20 April 2015.
4. Smartphone os market share, q3 2014. http://www. idc. com/prodserv/smartphone-osmarket-share. jsp, last visit 20 April 2015.
5. Update: Mcafee: Cyber criminals using android malware and ransomware the most. http://www. infoworld. com/article/2614854/security/update-mcafee-cyber-criminals-using-androidmalware-and-ransomware-the-most. html, last visit 20 April 2015.
6. Google play. https: //play. google. com/store?hl=it, last visit 20 April 2015.
7. Gartner. http://www. gartner. com/newsroom/id/2944819, last visit 20 April 2015.
8. Kindsight security labs malware report-q4 2013. http://www. tmcnet. com/tmc/whitepapers/documents/whitepapers/2014/9861-kindsight-security-labsmalware-report-q4-2013. pdf, last visit 21 January 2015.
9. Google play unofficial python api. https: //github. com/egirault/googleplay-api, last visit 25 November 2014.
10. Virustotal. https: //www. virustotal. com/, last visit 25 November 2014.
11. Daniel Arp, Michael Spreitzenbarth, Malte Huebner, Hugo Gascon, and Konrad Rieck. Drebin: Efficient and explainable detection of android malware in your pocket. In Proceedings of 21th Annual Network and Distributed System Security Symposium (NDSS), 2014.
12. Alberto Bartoli, Simone Cumar, Andrea De Lorenzo, and Eric Medvet. Compressing regular expression sets for deep packet inspection. In Parallel Problem Solving from Nature-PPSN XIII, pages 394-403. Springer, 2014.
13. Ulrich Bayer, Christopher Kruegel, and Engin Kirda. Ttanalyze: A tool for analyzing malware. In European Institute for Computer Antivirus Research Annual Conference, 2006.
14. D. Bilar. Opcodes as predictor for malware. International Journal of Electronic Security and Digital Forensics, 2007.
15. Gerardo Canfora, Francesco Mercaldo, and Corrado Aaron Visaggio. A classifier of malicious android applications. In Proceedings of the 2nd International Workshop on Security of Mobile Applications, in conjunction with the International Conference on Availability, Reliability and Security, 2013.
16. Luke Deshotels, Vivek Notani, and Arun Lakhotia. Droidlegacy: Automated familial classification of android malware. In ACM SIGPLAN on Program Protection and Reverse Engineering Workshop, 2014.
17. Parvez Faruki, Vijay Ganmoor, Vijay Laxmi, M. S. Gaur, and Ammar Bharmal. Androsimilar: robust statistical feature signature for android malware detection. In International Conference on Security of Information and Networks, pages 151-159, 2013.
18. M. Fazeen and R. Dantu. Another free app: Does it have the right intentions? In 2014 Twelfth AnnualConference on Privacy, Security and Trust (PST), pages 282-289, 2014.
19. Yu Feng, Saswat Anand, Isil Dillig, and Alex Aiken. Apposcopy: semantics-based detection of android malware through static analysis. In ACM SIGSOFT International Symposium on Foundations of Software Engineering, pages 576-587, 2014.
20. Manuel Fernández-Delgado, Eva Cernadas, Senén Barro, and Dinani Amorim. Do we need hundreds of classifiers to solve real world classification problems? The Journal of Machine Learning Research, 15 (1): 3133-3181, 2014.
21. K. S. Han, B. Kang, and E. G. Im. Malware classification using instruction frequencies. In RACS'14, International Conference on Research in Adaptive and Convergent Systems, pp. 298-300, 2014.
22. Q. Jerome, K. Allix, R. State, and T. Engel. Using opcode-sequences to detect malicious android applications. In IEEE International Conference on Communication and Information Systems Security Symposium, pages 914-919, 2014.
23. Shuang Liang and Xiaojiang Du. Permissioncombination-based scheme for android mobile malware detection. In International Conference on Communications, pages 2301-2306, 2014.
24. C. Liangboonprakong and O. Sornil. Classification of malware families based on n-grams sequential pattern features. In 8th IEEE Conference on Industrial Electronics and Applications (ICIEA), pages 777-782, 2013.
25. Xing Liu and Jiqiang Liu. A two-layered permissionbased android malware detection scheme. In International Conference on Mobile Cloud Computing, Service, and Engineering, pages 142-148, 2014.
26. F. Mercaldo and C. A. Visaggio. Evaluating malwares obfuscation techniques against antimalware detection algorithms. http://www. researchgate. net/profile/Corrado Aaron Visaggio/publication/274249693 Evaluating malwares obfuscation techniques against antimalware detection algorithms/links/551950e80cf273292e71475f. pdf, last visit 24 April 2015.
27. J. Oberheide and C. Mille. Dissecting the android bouncer. In SummerCon, 2012.
28. R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. Whyper: Towards automating risk assessment of mobile applications. In 22nd USENIX Security Symposium, pages 527-542, 2013.
29. H. Peng, C. Gates, B. Sarma, N. Li, Y. Qi, R. Potharaju, C. Nita-Rotaru, and I. Molloy. Using probabilistic generative models for ranking risks of android apps. In CCS'12, 19th ACM Conference on Computer and Communications Security, pp. 241-252, 2012.
30. Z. Qu, V. Rastogi, X. Zhang, and Y. Chen. Autocog: Measuring the description-to-permission fidelity in android applications. In 21st ACM Conference on Computer and Communications Security, pages 1354-1365, 2014.
31. B. B. Rad and M. Masrom. Metamorphic Virus Variants Classification Using Opcode Frequency Histogram. Latest Trends on Computers (Volume I), 2010.
32. B. B. Rad, M. Masrom, and S. Ibrahim. Opcodes histogram for classifying metamorphic portable executables malware. In ICEEE'12, International Conference on e-Learning and e-Technologies in Education, pp. 209-213, 2012.
33. Rahul Ramachandran, Tae Oh, and William Stackpole. Android anti-virus analysis. In Annual Symposium on Information Assurance & Secure Knowledge Management, pages 35-40, June 2012.
34. Vaibhav Rastogi, Yan Chen, and Xuxian Jiang. Droidchameleon: evaluating android anti-malware against transformation attacks. In ACM Symposium on Information, Computer and Communications Security, pages 329-334, May 2013.
35. I. Santos, Y. K. Penya, J. Devesa, and P. G. Bringas. N-grams-based file signatures for malware detection. In International Conference on Enterprise Information Systems (ICEIS), pages 317-320, 2009.
36. B. Sarma, N. Li, C. Gates, R. Potharaju, and C. Nita-Rotaru. Android permissions: A perspective combining risks and benefits. In SACMAT'12, Symposium on Access Models and Technologies, pp. 13-22, 2012.
37. Michael Spreitzenbarth, Florian Echtler, Thomas Schreck, Felix C. Freling, and Johannes Hoffmann. Mobilesandbox: Looking deeper into android applications. In 28th International ACM Symposium on Applied Computing (SAC), 2013.
38. Wen-Chieh Wu and Shih-Hao Hung. Droiddolphin: a dynamic android malware detection framework using big data and machine learning. In Conference on Research in Adaptive and Convergent Systems, pages 247-252, 2014.
39. Suleiman Y. Yerima, Sakir Sezer, Gavin McWilliams, and Igor Muttik. A new android malware detection approach using bayesian classification. In International Conference on Advanced Information Networking and Applications, pages 121-128, 2013.
40. Yajin Zhou and Xuxian Jiang. Dissecting android malware: Characterization and evolution. In Proceedings of 33rd IEEE Symposium on Security and Privacy (Oakland 2012), 2012.
41. Yajin Zhou and Xuxian Jiang. Android malware, springerbriefs in computer science, 2013.