Detection and Identification of Android Malware Based on Information Flow Monitoring - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2015

Detection and Identification of Android Malware Based on Information Flow Monitoring

Résumé

Information flow monitoring has been mostly used to detect privacy leaks. In a previous work, we showed that they can also be used to characterize Android malware behaviours and in the current one we show that these flows can also be used to detect and identify Android malware. The characterization consists in computing automatically System Flow Graphs that describe how a malware disseminates its data in the system. In the current work, we propose a method that uses these SFG- based malware profile to detect the execution of Android malware by monitoring the information flows they cause in the system. We evaluated our method by monitoring the execution of 39 malware samples and 70 non malicious applications. Our results show that our approach detected the execution of all the malware samples and did not raise any false alerts for the 70 non malicious applications.
Fichier principal
Vignette du fichier
main.pdf (146.52 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01191595 , version 1 (25-11-2015)

Identifiants

Citer

Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong. Detection and Identification of Android Malware Based on Information Flow Monitoring. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), Nov 2015, New York, United States. ⟨10.1109/cscloud.2015.27⟩. ⟨hal-01191595⟩
270 Consultations
589 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More