Detection and Identification of Android Malware Based on Information Flow Monitoring

Radoniaina Andriatsimandefitra [1], Valérie Viet Triem Tong [1]
[1] CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique, IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract: Information flow monitoring has mostly been used to detect privacy leaks. In a previous work, we showed that information flows can also be used to characterize Android malware behaviours; in the current one, we show that these flows can also be used to detect and identify Android malware. The characterization consists in automatically computing System Flow Graphs (SFGs) that describe how a piece of malware disseminates its data in the system. In the current work, we propose a method that uses these SFG-based malware profiles to detect the execution of Android malware by monitoring the information flows it causes in the system. We evaluated our method by monitoring the execution of 39 malware samples and 70 non-malicious applications. Our results show that our approach detected the execution of all the malware samples and did not raise any false alerts for the 70 non-malicious applications.
Document type:
Conference paper
The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), Nov 2015, New York, United States. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), 2015, 〈http://csis.pace.edu/CSCloud/〉

Cited literature [13 references]

https://hal.inria.fr/hal-01191595
Contributor: Radoniaina Andriatsimandefitra
Submitted on: Wednesday, November 25, 2015 - 03:26:45
Last modified on: Friday, June 15, 2018 - 16:18:01
Document(s) archived on: Saturday, April 29, 2017 - 00:56:11

File

main.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01191595, version 1

Citation

Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong. Detection and Identification of Android Malware Based on Information Flow Monitoring. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), Nov 2015, New York, United States. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), 2015, 〈http://csis.pace.edu/CSCloud/〉. 〈hal-01191595〉

Metrics

Record views

704

File downloads

381