MADAM: A Multi-level Anomaly Detector for Android Malware
Authors
Abstract
Currently, in the smartphone market, Android is the platform with the highest share. Due to this popularity and also to its open source nature, Android-based smartphones are now an ideal target for attackers. Since the number of malware designed for Android devices is increasing fast, Android users are looking for security solutions aimed at preventing malicious actions from damaging their smartphones. In this paper, we describe MADAM, a Multi-level Anomaly Detector for Android Malware. MADAM concurrently monitors Android at the kernel-level and user-level to detect real malware infections using machine learning techniques to distinguish between standard behaviors and malicious ones. The first prototype of MADAM is able to detect several real malware found in the wild. The device usability is not affected by MADAM due to the low number of false positives generated after the learning phase.
Similar resources
DroidNative: Semantic-Based Detection of Android Native Code Malware
According to the Symantec and F-Secure threat reports, mobile malware development in 2013 and 2014 has continued to focus almost exclusively (∼99%) on the Android platform. Malware writers are applying stealthy mutations (obfuscations) to create malware variants, thwarting detection by signature based detectors. In addition, the plethora of more sophisticated detectors making use of static anal...
Poster: Mobile Malware Detection using Multiple Detector Set Artificial Immune System
As mobile devices become increasingly more powerful and important in everyday life, the need for efficient and effective detection of mobile malware has become pressing. We developed a multi-detector set Artificial Immune System (mAIS) to classify apps into benign and malicious categories based upon information flows within the app. The performance of mAIS has been compared with the performance...
A Result Fusion based Distributed Anomaly Detection System for Android Smartphones
In this paper we present an information fusion based distributed anomaly detection system for Android mobile phones. The proposed framework realizes a client-server architecture, the client continuously extracts various features and transfers to the server, and the server’s major task is to detect anomaly using state-of-art detection algorithms implemented as anomaly detectors. Multiple distribu...
Accurate mobile malware detection and classification in the cloud
As the dominator of the smartphone operating system market, Android has consequently attracted the attention of malware authors and researchers alike. The number of types of Android malware is increasing rapidly regardless of the considerable number of proposed malware analysis systems. In this paper, by taking advantage of the low false-positive rate of misuse detection and the ability of anomal...
An artificial immunity approach to malware detection in a mobile platform
Inspired by the human immune system, we explore the development of a new Multiple-Detector Set Artificial Immune System (mAIS) for the detection of mobile malware based on the information flows in Android apps. mAISs differ from conventional AISs in that multiple-detector sets are evolved concurrently via negative selection. Typically, the first detector set is composed of detectors that match ...
Journal title:
Volume, issue
Pages -
Publication date 2012