A Result Fusion based Distributed Anomaly Detection System for Android Smartphones

In this paper we present an information fusion based distributed anomaly detection system for Android mobile phones. The proposed framework realizes a clientserver architecture, the client continuously extracts various features and transfers to the server, and the server’s major task is to detect anomaly using state-of-art detection algorithms implemented as anomaly detectors. Multiple distributed servers simultaneously analyzing the feature vector using different detectors and information fusion is used to fuse the results of detectors. We also propose a cycle-based statistical approach for smartphone anomaly detection as the smartphone users usual follow regular patterns due to their periodical patterns of lives. Empirical results suggest that the proposed framework and novel anomaly detection algorithm are effective in detecting malware on Android devices.