Detection and Identification of Android Malware Based on Information Flow Monitoring - Archive ouverte HAL Access content directly
Conference Papers Year : 2015

Detection and Identification of Android Malware Based on Information Flow Monitoring

(1) , (1)
1

Abstract

Information flow monitoring has been mostly used to detect privacy leaks. In a previous work, we showed that they can also be used to characterize Android malware behaviours and in the current one we show that these flows can also be used to detect and identify Android malware. The characterization consists in computing automatically System Flow Graphs that describe how a malware disseminates its data in the system. In the current work, we propose a method that uses these SFG- based malware profile to detect the execution of Android malware by monitoring the information flows they cause in the system. We evaluated our method by monitoring the execution of 39 malware samples and 70 non malicious applications. Our results show that our approach detected the execution of all the malware samples and did not raise any false alerts for the 70 non malicious applications.
Fichier principal
Vignette du fichier
main.pdf (146.52 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01191595 , version 1 (25-11-2015)

Identifiers

Cite

Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong. Detection and Identification of Android Malware Based on Information Flow Monitoring. The 2nd IEEE International Conference on Cyber Security and Cloud Computing (CSCloud 2015), Nov 2015, New York, United States. ⟨10.1109/cscloud.2015.27⟩. ⟨hal-01191595⟩
254 View
550 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More