Applying behavioral detection on android-based devices

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

61 Scopus citations

Abstract

We present Andromaly - a behavioral-based detection framework for Android-powered mobile devices. The proposed framework realizes a Host-based Intrusion Detection System (HIDS) that continuously monitors various features and events obtained from the mobile device, and then applies Machine Learning methods to classify the collected data as normal (benign) or abnormal (malicious). Since no malicious applications are yet available for Android, we evaluated Andromaly's ability to differentiate between game and tool applications. Successful differentiation between games and tools is expected to provide a positive indication about the ability of such methods to learn and model the behavior of an Android application and potentially detect malicious applications. Several combinations of classification algorithms, feature selections and the number of top features were evaluated. Empirical results suggest that the proposed detection framework is effective in detecting types of applications having similar behavior, which is an indication for the ability to detect unknown malware in the Android framework.

Original languageEnglish
Title of host publicationMobile Wireless Middleware, Operating Systems, and Applications - Third International Conference, Mobilware 2010, Revised Selected Papers
Pages235-249
Number of pages15
DOIs
StatePublished - 1 Dec 2010
Event3rd International Conference on Mobile Wireless Middleware, Operating Systems, and Applications, Mobilware 2010 - Chicago, IL, United States
Duration: 30 Jun 20102 Jul 2010

Publication series

NameLecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering
Volume48 LNICST
ISSN (Print)1867-8211

Conference

Conference3rd International Conference on Mobile Wireless Middleware, Operating Systems, and Applications, Mobilware 2010
Country/TerritoryUnited States
CityChicago, IL
Period30/06/102/07/10

Keywords

  • Android
  • Intrusion detection
  • Machine learning
  • Malware
  • Mobile devices
  • Security

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Applying behavioral detection on android-based devices'. Together they form a unique fingerprint.

Cite this