Skip to Main content Skip to Navigation
Conference papers

Detection and Identification of Android Malware Based on Information Flow Monitoring

Radoniaina Andriatsimandefitra 1 Valérie Viet Triem Tong 1
1 CIDRE - Confidentialité, Intégrité, Disponibilité et Répartition
CentraleSupélec, Inria Rennes – Bretagne Atlantique , IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Information flow monitoring has been mostly used to detect privacy leaks. In a previous work, we showed that they can also be used to characterize Android malware behaviours and in the current one we show that these flows can also be used to detect and identify Android malware. The characterization consists in computing automatically System Flow Graphs that describe how a malware disseminates its data in the system. In the current work, we propose a method that uses these SFG- based malware profile to detect the execution of Android malware by monitoring the information flows they cause in the system. We evaluated our method by monitoring the execution of 39 malware samples and 70 non malicious applications. Our results show that our approach detected the execution of all the malware samples and did not raise any false alerts for the 70 non malicious applications.
Document type :
Conference papers
Complete list of metadata

Cited literature [13 references]  Display  Hide  Download
Contributor : Radoniaina Andriatsimandefitra Connect in order to contact the contributor
Submitted on : Wednesday, November 25, 2015 - 3:26:45 AM
Last modification on : Tuesday, October 19, 2021 - 11:58:56 PM
Long-term archiving on: : Saturday, April 29, 2017 - 12:56:11 AM


Files produced by the author(s)



Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong. Detection and Identification of Android Malware Based on Information Flow Monitoring. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), Nov 2015, New York, United States. ⟨10.1109/cscloud.2015.27⟩. ⟨hal-01191595⟩



Les métriques sont temporairement indisponibles