Extracting Android Malicious Behaviors

Khanh-Huu-The Dam, Tayssir Touili

2017

Abstract

The volume of Android malware is increasing quickly, which leaves Android devices more vulnerable as they become the target of malware writers. The challenge today is therefore to detect malicious Android applications, and to do so we need to know which malicious behaviors Android malware exhibits. In this paper, we introduce a method to automatically extract malicious behaviors for Android malware detection. We represent the behaviors of an Android application by an API call graph, and we use a malicious API graph to represent the malicious behaviors. Then, given a set of malicious and benign applications, we compute the malicious behaviors by extracting from the API call graphs the subgraphs that are relevant to the malicious API call graphs but not relevant to the benign ones. This relevance is measured by applying the TF-IDF weighting scheme widely used in the information retrieval community. These malicious API graphs are then applied to detect malicious applications. We obtained encouraging results, with a recall rate of 92% and a precision of 98%.
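The scoring idea in the abstract, sketched as an added example (not the authors' implementation): each API call graph is reduced to a set of edges, and an edge is weighted by its frequency across malware graphs times a smoothed inverse document frequency over benign graphs. The API names, the textbook TF-IDF formula, the threshold and the edge-overlap detection rule are all assumptions made for illustration.

```python
import math

# Constructed sample data: each app's API call graph reduced to a set of
# (caller API, callee API) edges. API names are illustrative only.
MALWARE = [
    {("getDeviceId", "sendTextMessage"), ("onCreate", "setContentView")},
    {("getDeviceId", "sendTextMessage"), ("getLine1Number", "openConnection"),
     ("onCreate", "setContentView")},
    {("getLine1Number", "openConnection"), ("onCreate", "setContentView")},
]
BENIGN = [
    {("onCreate", "setContentView"), ("onClick", "startActivity")},
    {("onCreate", "setContentView"), ("getDeviceId", "openConnection")},
    {("onCreate", "setContentView"), ("onClick", "startActivity")},
]

def edge_weights(malware, benign):
    """Score each edge: frequency across malware graphs x smoothed IDF over benign graphs."""
    weights = {}
    for edge in set().union(*malware):
        tf = sum(edge in g for g in malware) / len(malware)
        df_benign = sum(edge in g for g in benign)
        idf = math.log((1 + len(benign)) / (1 + df_benign))  # 0.0 if in every benign graph
        weights[edge] = tf * idf
    return weights

def extract_malicious_graph(malware, benign, threshold=0.5):
    """Keep edges relevant to malware graphs but not to benign ones (assumed threshold)."""
    return {e for e, w in edge_weights(malware, benign).items() if w > threshold}

def is_malicious(app_edges, malicious_graph, min_hits=1):
    """Flag an app whose graph shares at least min_hits edges with the malicious graph."""
    return len(app_edges & malicious_graph) >= min_hits

def precision_recall(labelled_apps, malicious_graph):
    """labelled_apps: list of (edge_set, is_malware) pairs from a held-out set."""
    tp = sum(is_malicious(g, malicious_graph) and y for g, y in labelled_apps)
    fp = sum(is_malicious(g, malicious_graph) and not y for g, y in labelled_apps)
    fn = sum(not is_malicious(g, malicious_graph) and y for g, y in labelled_apps)
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    return precision, recall

if __name__ == "__main__":
    print(sorted(extract_malicious_graph(MALWARE, BENIGN)))
```

The `onCreate` to `setContentView` edge appears in every malware sample but scores zero because it is equally common in benign apps, which is the effect the benign-side weighting is meant to produce.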

Paper Citation


in Harvard Style

Dam K. and Touili T. (2017). Extracting Android Malicious Behaviors. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017) ISBN 978-989-758-209-7, pages 714-723. DOI: 10.5220/0006288807140723

in Bibtex Style

@conference{forse17,
author={Khanh-Huu-The Dam and Tayssir Touili},
title={Extracting Android Malicious Behaviors},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)},
year={2017},
pages={714-723},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006288807140723},
isbn={978-989-758-209-7},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ForSE, (ICISSP 2017)
TI - Extracting Android Malicious Behaviors
SN - 978-989-758-209-7
AU - Dam K.
AU - Touili T.
PY - 2017
SP - 714
EP - 723
DO - 10.5220/0006288807140723