Mass discovery of android malware behavioral characteristics for detection consideration

Xin Su; Weiqi Shi; Jiuchuan Lin; Xin Wang

doi:10.1007/978-3-030-00012-7_10

Mass discovery of android malware behavioral characteristics for detection consideration

Xin Su
, Weiqi Shi
, Jiuchuan Lin
, Xin Wang

Electrical Engineering

Stony Brook University

Hunan Police Academy
Ministry of Public Security of the People's Republic of China

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Android malware have surged and been sophisticated, posing a great threat to users. The key challenge of detect Android malware is how to discovery their behavioral characteristics at a large scale, and use them to detect Android malware. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, firstly we extract a very large number of static features from each Android application (or app). Secondly, we explain the importance of each kind of feature in Android malware detection. Thirdly, we fed these features into three different classifiers (e.g., SVM, DT, RandomFoerst) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware and 37,581 Android benign apps. The experimental results and our analysis give insights regarding what discriminatory features are most effective to characterize Android malware for building an effective and efficient Android malware detection approach.

Original language	English
Title of host publication	Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers
Editors	Xingming Sun, Zhaoqing Pan, Elisa Bertino
Publisher	Springer Verlag
Pages	101-112
Number of pages	12
ISBN (Print)	9783030000110
DOIs	https://doi.org/10.1007/978-3-030-00012-7_10
State	Published - 2018
Event	4th International Conference on Cloud Computing and Security, ICCCS 2018 - Haikou, China Duration: Jun 8 2018 → Jun 10 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11065 LNCS

Conference

Conference	4th International Conference on Cloud Computing and Security, ICCCS 2018
Country/Territory	China
City	Haikou
Period	06/8/18 → 06/10/18

Access to Document

10.1007/978-3-030-00012-7_10

Cite this

Su, X., Shi, W., Lin, J., & Wang, X. (2018). Mass discovery of android malware behavioral characteristics for detection consideration. In X. Sun, Z. Pan, & E. Bertino (Eds.), Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers (pp. 101-112). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11065 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-00012-7_10

Su, Xin ; Shi, Weiqi ; Lin, Jiuchuan et al. / Mass discovery of android malware behavioral characteristics for detection consideration. Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers. editor / Xingming Sun ; Zhaoqing Pan ; Elisa Bertino. Springer Verlag, 2018. pp. 101-112 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{4eff67c88c8e43ef9429757d59a6331f,

title = "Mass discovery of android malware behavioral characteristics for detection consideration",

abstract = "Android malware have surged and been sophisticated, posing a great threat to users. The key challenge of detect Android malware is how to discovery their behavioral characteristics at a large scale, and use them to detect Android malware. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, firstly we extract a very large number of static features from each Android application (or app). Secondly, we explain the importance of each kind of feature in Android malware detection. Thirdly, we fed these features into three different classifiers (e.g., SVM, DT, RandomFoerst) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware and 37,581 Android benign apps. The experimental results and our analysis give insights regarding what discriminatory features are most effective to characterize Android malware for building an effective and efficient Android malware detection approach.",

author = "Xin Su and Weiqi Shi and Jiuchuan Lin and Xin Wang",

note = "Publisher Copyright: {\textcopyright} Springer Nature Switzerland AG 2018.; 4th International Conference on Cloud Computing and Security, ICCCS 2018 ; Conference date: 08-06-2018 Through 10-06-2018",

year = "2018",

doi = "10.1007/978-3-030-00012-7\_10",

language = "English",

isbn = "9783030000110",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "101--112",

editor = "Xingming Sun and Zhaoqing Pan and Elisa Bertino",

booktitle = "Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers",

}

Su, X, Shi, W, Lin, J & Wang, X 2018, Mass discovery of android malware behavioral characteristics for detection consideration. in X Sun, Z Pan & E Bertino (eds), Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11065 LNCS, Springer Verlag, pp. 101-112, 4th International Conference on Cloud Computing and Security, ICCCS 2018, Haikou, China, 06/8/18. https://doi.org/10.1007/978-3-030-00012-7_10

Mass discovery of android malware behavioral characteristics for detection consideration. / Su, Xin; Shi, Weiqi; Lin, Jiuchuan et al.
Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers. ed. / Xingming Sun; Zhaoqing Pan; Elisa Bertino. Springer Verlag, 2018. p. 101-112 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11065 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Mass discovery of android malware behavioral characteristics for detection consideration

AU - Su, Xin

AU - Shi, Weiqi

AU - Lin, Jiuchuan

AU - Wang, Xin

N1 - Publisher Copyright: © Springer Nature Switzerland AG 2018.

PY - 2018

Y1 - 2018

N2 - Android malware have surged and been sophisticated, posing a great threat to users. The key challenge of detect Android malware is how to discovery their behavioral characteristics at a large scale, and use them to detect Android malware. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, firstly we extract a very large number of static features from each Android application (or app). Secondly, we explain the importance of each kind of feature in Android malware detection. Thirdly, we fed these features into three different classifiers (e.g., SVM, DT, RandomFoerst) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware and 37,581 Android benign apps. The experimental results and our analysis give insights regarding what discriminatory features are most effective to characterize Android malware for building an effective and efficient Android malware detection approach.

AB - Android malware have surged and been sophisticated, posing a great threat to users. The key challenge of detect Android malware is how to discovery their behavioral characteristics at a large scale, and use them to detect Android malware. In this work, we are motivated to discover the discriminatory features extracted from Android APK files for Android malware detection. To achieve this goal, firstly we extract a very large number of static features from each Android application (or app). Secondly, we explain the importance of each kind of feature in Android malware detection. Thirdly, we fed these features into three different classifiers (e.g., SVM, DT, RandomFoerst) for the detection of Android malware. We conduct extensive experiments on large real-world app sets consisting of 6,820 Android malware and 37,581 Android benign apps. The experimental results and our analysis give insights regarding what discriminatory features are most effective to characterize Android malware for building an effective and efficient Android malware detection approach.

UR - https://www.scopus.com/pages/publications/85053923853

U2 - 10.1007/978-3-030-00012-7_10

DO - 10.1007/978-3-030-00012-7_10

M3 - Conference contribution

SN - 9783030000110

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 101

EP - 112

BT - Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers

A2 - Sun, Xingming

A2 - Pan, Zhaoqing

A2 - Bertino, Elisa

PB - Springer Verlag

T2 - 4th International Conference on Cloud Computing and Security, ICCCS 2018

Y2 - 8 June 2018 through 10 June 2018

ER -

Su X, Shi W, Lin J, Wang X. Mass discovery of android malware behavioral characteristics for detection consideration. In Sun X, Pan Z, Bertino E, editors, Cloud Computing and Security - 4th International Conference, ICCCS 2018, Revised Selected Papers. Springer Verlag. 2018. p. 101-112. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-00012-7_10

Mass discovery of android malware behavioral characteristics for detection consideration

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this