Detecting and Classifying Android Malware using Static Analysis along with Creator Information

Thousands of malicious applications targeting mobile devices, including the popular Android platform, are created every day. A large number of those applications are created by a small number of professional under-ground actors, however previous studies overlooked such information as a feature in de...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2019-03
Main Authors: Kang, Hyunjae, Jang, Jae-wook, Aziz Mohaisen, Huy Kang Kim
Format: Article
Language:English
Subjects:
Classification
Electronic devices
Malware
Mobile operating systems
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Thousands of malicious applications targeting mobile devices, including the popular Android platform, are created every day. A large number of those applications are created by a small number of professional under-ground actors, however previous studies overlooked such information as a feature in detecting and classifying malware, and in attributing malware to creators. Guided by this insight, we propose a method to improve on the performance of Android malware detection by incorporating the creator's information as a feature and classify malicious applications into similar groups. We developed a system that implements this method in practice. Our system enables fast detection of malware by using creator information such as serial number of certificate. Additionally, it analyzes malicious be-haviors and permissions to increase detection accuracy. The system also can classify malware based on similarity scoring. Finally, we showed detection and classification performance with 98% and 90% accuracy respectively.
ISSN:2331-8422
DOI:10.48550/arxiv.1903.01618