Machine Learning Meets iOS Malware: Identifying Malicious Applications on Apple Environment
نویسندگان
چکیده
The huge diffusion of the so-called smartphone devices is boosting the malware writer community to write more and more aggressive software targeting the mobile platforms. While scientific community has largely studied malware on Android platform, few attention is paid to iOS applications, probably to their closed-source nature. In this paper, in order to fill this gap, we propose a method to identify malicious application on Apple environment. Our method relies on a feature vector extracted by static analysis. Experiments, performed with 20 different machine learning algorithms, demonstrate that malware iOS applications are discriminated by trusted ones with a precision equal to 0.971 and a recall equal to 1.
منابع مشابه
Securing a Mobile World
4 CrossTalk—March/April 2012 Abstract. The sphere of malware attacks is expanding to engulf the compact world of smartphones. This paper sheds light on exploitation tactics used by malware writers in designing iPhone applications that exploit the integrity of the victim’s phone. Our interest is in the harder problem of malware on iPhones that are not jailbroken. Introduction Malware has begun i...
متن کاملDmia: a Malware Detection System on Ios Platform
iOS is a popular operating system on Apple’s smartphones, and recent security events have shown the possibility of stealing the users' privacy in iOS without being detected, such as XcodeGhost. So, we present the design and implementation of a malware vetting system, called DMIA. DMIA first collects runtime information of an app and then distinguish between malicious and normal apps by a novel ...
متن کاملAndRadar: Fast Discovery of Android Applications in Alternative Markets
Compared to traditional desktop software, Android applications are delivered through software repositories, commonly known as application markets. Other mobile platforms, such as Apple iOS and BlackBerry OS also use the marketplace model, but what is unique to Android is the existence of a plethora of alternative application markets. This complicates the task of detecting and tracking Android m...
متن کاملExplaining Black-box Android Malware Detection
Machine-learning models have been recently used for detecting malicious Android applications, reporting impressive performances on benchmark datasets, even when trained only on features statically extracted from the application, such as system calls and permissions. However, recent findings have highlighted the fragility of such in-vitro evaluations with benchmark datasets, showing that very fe...
متن کاملFeature-based Malicious URL and Attack Type Detection Using Multi-class Classification
Nowadays, malicious URLs are the common threat to the businesses, social networks, net-banking etc. Existing approaches have focused on binary detection i.e. either the URL is malicious or benign. Very few literature is found which focused on the detection of malicious URLs and their attack types. Hence, it becomes necessary to know the attack type and adopt an effective countermeasure. This pa...
متن کامل