Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach

Asaf Shabtai; Uri Kanonov; Yuval Elovici

doi:10.1007/978-3-642-04342-0_23

Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach

Asaf Shabtai, Uri Kanonov, Yuval Elovici

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

In this research, we evaluate a knowledge-based approach for detecting instances of known classes of mobile devices malware based on their temporal behavior. The framework relies on lightweight agent that continuously monitors time-stamped security data within the mobile device and then processes the data using a light version of the Knowledge-Based Temporal Abstraction (KBTA) methodology. The new approach was applied for detecting malware on Google Android powered-devices. Evaluation results demonstrated the effectiveness of the proposed approach.

Original language	English
Title of host publication	Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings
Pages	357-358
Number of pages	2
DOIs	https://doi.org/10.1007/978-3-642-04342-0_23
State	Published - 1 Dec 2009
Event	12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009 - Saint-Malo, France Duration: 23 Sep 2009 → 25 Sep 2009

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	5758 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009
Country/Territory	France
City	Saint-Malo
Period	23/09/09 → 25/09/09

Keywords

Host-Based Intrusion Detection Systems
KBTA
Mobile Devices

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-642-04342-0_23

Cite this

Shabtai, A., Kanonov, U., & Elovici, Y. (2009). Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach. In Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings (pp. 357-358). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5758 LNCS). https://doi.org/10.1007/978-3-642-04342-0_23

Shabtai, Asaf ; Kanonov, Uri ; Elovici, Yuval. / Detection, alert and response to malicious behavior in mobile devices : Knowledge-based approach. Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings. 2009. pp. 357-358 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5e8aecb2b9194571a7aa6f85a3eeb72c,

title = "Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach",

abstract = "In this research, we evaluate a knowledge-based approach for detecting instances of known classes of mobile devices malware based on their temporal behavior. The framework relies on lightweight agent that continuously monitors time-stamped security data within the mobile device and then processes the data using a light version of the Knowledge-Based Temporal Abstraction (KBTA) methodology. The new approach was applied for detecting malware on Google Android powered-devices. Evaluation results demonstrated the effectiveness of the proposed approach.",

keywords = "Host-Based Intrusion Detection Systems, KBTA, Mobile Devices",

author = "Asaf Shabtai and Uri Kanonov and Yuval Elovici",

year = "2009",

month = dec,

day = "1",

doi = "10.1007/978-3-642-04342-0_23",

language = "English",

isbn = "3642043410",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "357--358",

booktitle = "Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings",

note = "12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009 ; Conference date: 23-09-2009 Through 25-09-2009",

}

Shabtai, A, Kanonov, U & Elovici, Y 2009, Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach. in Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5758 LNCS, pp. 357-358, 12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009, Saint-Malo, France, 23/09/09. https://doi.org/10.1007/978-3-642-04342-0_23

Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach. / Shabtai, Asaf; Kanonov, Uri; Elovici, Yuval.
Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings. 2009. p. 357-358 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 5758 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Detection, alert and response to malicious behavior in mobile devices

T2 - 12th International Symposium on Recent Advances in Intrusion Detection, RAID 2009

AU - Shabtai, Asaf

AU - Kanonov, Uri

AU - Elovici, Yuval

PY - 2009/12/1

Y1 - 2009/12/1

N2 - In this research, we evaluate a knowledge-based approach for detecting instances of known classes of mobile devices malware based on their temporal behavior. The framework relies on lightweight agent that continuously monitors time-stamped security data within the mobile device and then processes the data using a light version of the Knowledge-Based Temporal Abstraction (KBTA) methodology. The new approach was applied for detecting malware on Google Android powered-devices. Evaluation results demonstrated the effectiveness of the proposed approach.

AB - In this research, we evaluate a knowledge-based approach for detecting instances of known classes of mobile devices malware based on their temporal behavior. The framework relies on lightweight agent that continuously monitors time-stamped security data within the mobile device and then processes the data using a light version of the Knowledge-Based Temporal Abstraction (KBTA) methodology. The new approach was applied for detecting malware on Google Android powered-devices. Evaluation results demonstrated the effectiveness of the proposed approach.

KW - Host-Based Intrusion Detection Systems

KW - KBTA

KW - Mobile Devices

UR - http://www.scopus.com/inward/record.url?scp=76649140474&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-04342-0_23

DO - 10.1007/978-3-642-04342-0_23

M3 - Conference contribution

AN - SCOPUS:76649140474

SN - 3642043410

SN - 9783642043413

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 357

EP - 358

BT - Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings

Y2 - 23 September 2009 through 25 September 2009

ER -

Shabtai A, Kanonov U, Elovici Y. Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach. In Recent Advances in Intrusion Detection - 12th International Symposium, RAID 2009, Proceedings. 2009. p. 357-358. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-04342-0_23

Detection, alert and response to malicious behavior in mobile devices: Knowledge-based approach

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this