Academic year: 2021


Permission Based Malware Detection Approach Using Naive Bayes Classifier Technique For Android Devices

Pranay Kshirsagar, Pramod Mali, Hrishikesh Bidwe

Department of Information Technology, G. S. Moze College of Engineering, Pune, India

kshirsagarpranay@gmail.com, malipramod235@gmail.com, bidwehrishikesh@gmail.com

ABSTRACT

Mobile computing has grown greatly in popularity over a period of 5 years. Devices such as smartphones, PDAs and tablets have become popular as the number and complexity of their capabilities have increased. Android has become the main target of malware developers in the past few years. The malware threat to mobile phones is expected to increase as the functionality of mobile phones is enhanced. In fact, malicious applications and hackers are taking advantage of both the limited capabilities of these devices and the lack of standard security mechanisms. One of Android's main defense mechanisms against malicious apps is a permission-based access control mechanism. It therefore becomes necessary to have effective, probabilistic detection and prevention mechanisms.

Index Terms: Smartphones, malware, security, permission violation, malware detection, mobile devices, Android

I. INTRODUCTION

A. Need

Mobile computing has grown greatly in popularity in recent years. Devices such as smartphones, tablets and PDAs have become popular as the number and complexity of their capabilities have increased. The malware threat to mobile phones is expected to increase as the functionality of mobile phones is enhanced. In fact, malicious users and hackers are taking advantage of both the limited capabilities of mobile devices and the lack of standard security mechanisms. Users therefore need effective, probabilistic detection and prevention techniques. Our system will monitor various permission-based features and events obtained from Android applications, and analyze these features with machine learning classifiers to detect whether an application is goodware or malware.

The entry of malware into an Android device causes performance issues, such as junk code insertion and code integration, and security issues, such as renaming, memory access reordering and session hijacking. At the point of infection, the virus hijacks control of the program after the program has been launched; it may overwrite the program, its import table addresses and function call instructions, or inject its code into unused sections of the program code.

On the other hand, malware on a cell phone adopts some basic strategies, namely:

• Creating a new process to launch its attack.

• Redirecting the program flow of a legitimate application in order to execute its malicious code within a legitimate security context (e.g. a messaging process).

• Accessing personal data for the purpose of misuse.

II. ADVANTAGES

A. Secure Messaging

Phones, however, vary in their ability to interact securely with the business network. Using anti-malware applications lets an application interact safely with these services without opening up security holes. An even better approach is to remove the device from the network as per the security provisions.

B. Content Management

Android mobiles hold content in the form of images, videos, documents, etc. The secure management of this content is an important issue when dealing with mobile data security. Using anti-malware applications lets Android users care for their data by assuring them of its security.

C. An Integrated Firewall

Smartphones generally do not include a firewall. Mobile data security applications make up for this lack by enforcing firewall capabilities on these devices, which lets the Android device stay safe from malicious attacks.

D. Integration of device performance

Malware infection causes the insertion of junk code and the creation of unnecessary processes, which degrades performance. Using anti-malware applications lets the Android user integrate the device performance, in the sense of disallowing junk code insertion.

III. PROPOSED SYSTEM

• In our system, we propose more comprehensive detection techniques than the existing ones.

• Our proposed malware detection approach is based on checking the permissions with which apps request access to resources.

• By applying data mining we have identified the real permissions required by the application, and adopted them as the features of that application. The apps' permissions are extracted from their .apk files.

• The probabilities will be calculated with a Naïve Bayes classifier to detect whether the application is goodware or malware.

• Blacklisting will be provided for malicious applications.

IV. OBJECTIVES

• To provide more comprehensive protection.

• To improve the system performance.

• To secure access to device resources.

• To block the sources of malicious applications.

V. ARCHITECTURE OF SYSTEM

Figure 2. Malware Detection Framework

As shown in the architecture diagram above, the proposed system focuses on malware detection using a permission-based approach. For this purpose, the resource access permissions are extracted from the file AndroidManifest.xml, which shows the permissions currently acquired by an application. The following are some of the permissions requested by an application at the time of installation.

1. android.permission.CHANGE_CONFIGURATION - It permits the application to change the configuration of the system; it may alter the resource usage permissions of the user of the mobile device. This could make users unable to use their device resources.

2. android.permission.CALL_PHONE -

3. android.permission.INTERNET - The application requests the INTERNET permission when it is installed. The user may allow this permission request because they do not know whether it is important or not. Not every application requires this permission. If an application does not require the INTERNET permission but requests it anyway, it cannot be regarded as a normal application. The INTERNET permission request is one of the dangerous features, because a malware application can send the user's private information or personal data to its websites.

4. android.permission.WRITE_SMS - It permits the application to write a message without any notification to the user.

5. android.permission.SEND_SMS - It permits the application to send SMS messages, so the user can lose money by installing applications that request this permission.

For each Android application, we will retrieve several selected features from the corresponding application package (APK) file. In addition, we can identify the real permissions required by the application, and adopt them as features for malware detection. The value of each selected feature is stored as a binary number (0 or 1).

The malware database at the server will hold the history of previously known malware and a trained data set developed using data mining techniques. The prediction will be done using the Naïve Bayes classifier technique. Using this technique we can easily and probabilistically identify whether the application is malware or goodware.
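The pipeline described above (permissions read from the manifest, stored as 0/1 features, scored with Naïve Bayes) is sketched below as an added example; it is not the authors' implementation. It assumes the manifest has already been decoded from the APK's binary format to text XML, and the training vectors, the sample manifest and all function names are constructed for illustration.

```python
import math
import xml.etree.ElementTree as ET
ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Feature order: the five permissions listed in the paper.
FEATURES = ["CHANGE_CONFIGURATION", "CALL_PHONE", "INTERNET", "WRITE_SMS", "SEND_SMS"]

def extract_features(manifest_xml):
    """Return the 0/1 vector of FEATURES requested in a decoded manifest."""
    root = ET.fromstring(manifest_xml)
    requested = {el.get(ANDROID_NS + "name", "") for el in root.iter("uses-permission")}
    return [int("android.permission." + f in requested) for f in FEATURES]

def train(samples):
    """Priors and Laplace-smoothed P(x_i=1 | label) from (vector, label) pairs."""
    model = {}
    for label in {lbl for _, lbl in samples}:
        rows = [v for v, lbl in samples if lbl == label]
        prior = len(rows) / len(samples)
        # +1/+2 smoothing keeps an unseen permission from zeroing the product.
        likelihood = [(sum(col) + 1) / (len(rows) + 2) for col in zip(*rows)]
        model[label] = (prior, likelihood)
    return model

def posterior(model, vector):
    """Normalised P(label | vector) under the naive independence assumption."""
    logs = {}
    for label, (prior, likelihood) in model.items():
        logs[label] = math.log(prior) + sum(
            math.log(p if x else 1 - p) for x, p in zip(vector, likelihood))
    top = max(logs.values())
    total = sum(math.exp(v - top) for v in logs.values())
    return {label: math.exp(v - top) / total for label, v in logs.items()}

# Constructed training set (not real measurements), vectors ordered as FEATURES.
TRAINING = [
    ([0, 0, 1, 0, 0], "goodware"), ([0, 1, 1, 0, 0], "goodware"),
    ([0, 0, 0, 0, 0], "goodware"), ([0, 0, 1, 0, 1], "goodware"),
    ([1, 0, 1, 1, 1], "malware"), ([0, 1, 1, 1, 1], "malware"),
    ([1, 1, 1, 0, 1], "malware"), ([0, 0, 1, 1, 1], "malware"),
]
# Constructed manifest, already decoded to text XML.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.flashlight">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.WRITE_SMS"/>
</manifest>"""

def classify(manifest_xml, model=None):
    scores = posterior(model or train(TRAINING), extract_features(manifest_xml))
    return max(scores, key=scores.get), scores
```

With this constructed data, an app requesting only INTERNET scores as goodware, while the sample manifest's combination of INTERNET, WRITE_SMS and SEND_SMS pushes the posterior toward malware.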

VI. FUTURE SCOPE

The described technique deals with malware that enters the system or mobile device through violation of resource access permissions. This helps to keep the system protected from malware. As future work, we are looking towards automated malware detection based on semantics.

VII. CONCLUSION

To provide well-rounded protection for Android devices, a security suite, that is, a more comprehensive and effective mechanism, is needed to protect Android smartphones from malware and malicious applications.

