Escolar Documentos
Profissional Documentos
Cultura Documentos
Karan Bajaj
ABSTRACT
With the rapid arrival of mobile platforms on the market,
android Platform has become a market leader in 2015 Q2,
according to IDC. As Android has ruling most of the market,
the problem of malware threats and security is also increasing.
In this review paper, a fastidious study of the terms related to
mobile malware and the techniques used for the detection of
malware is done. Some proposed methods and type of
approaches used in those methods are also summarized.
General Terms
Pattern Recognition, Permission based detection Technique.
Keywords
Malware, Types
Permissions.
of
malware,
Detection
techniques,
1. INTRODUCTION
Now-days smart-phones are becoming very famous all around
the world. As the study says, among all platforms, Android is
the widely used platform. With the rising pervasiveness of
using these mobile platforms in delicate applications, there is
a problems associated with malware targeted at mobile
devices. A malware could be any code which is added,
changed or removed from an application in order to purposely
cause harm the intended function of the system.
A malware has threatened mobile devices for many years and
android is gaining popularity with time. Seeing this most of
the discovered malwares are aiming at android platform. The
main purpose of intruder is to steal data, personal information,
gaining access to users accounts and establishing control
channels. The performance of a device also depends upon the
type of malware. There are lots of different kinds of malware
such as Ransom-ware, Spyware, Worms, Trojan-horses etc.
Ransom-ware: Ransom-ware hits android in 2014. This is a
type of malware that holds a device to ransom, by clasping it
down so that it cant be used until the owner of the device pay
the hostage-takers.
Spyware: It usually enters the device when free or trial
software is downloaded and installed in any device. It is
installed without any users consent. It poses a threat to device
by using and spreading sensitive information of user.
Worms: Worm is a program whose objective is to
perceptually reproduce it-self and spread from one device to
another by transmitting its own copy via network without any
interaction or authorization of user.
Operating
System
Behaviour
Walkingwat
Android
Ikee
iOS
NMPlugin
Symbian
DroidLight
Android
Privacy-A
iOS
SPIsSaga
Symbian
Geinimi
Android
Shurufa
Symbian
FakePlayer
Android
15
Symbian
SMS.
Ikee.B
iOS
InSpirit
Symbian
16
Fig 2. Static analysis based on system calls, taint analysis and source code
3. LITERATURE SURVEY
So far study of different malware detection methods and
approaches are done. Different malware detection systems are
proposed earlier. Table II shows an academic research on
different malware detection systems. A solution based on
monitoring events occurring on Linux-kernel level is
proposed by Schmidt et al. [9]. They analyze Linux based
tools for improving security and extracting features from the
Linux kernel. After that these features were used to create a
model for the smart-phone behaviour. But they were not able
to test their system because on that time there were no real
Android devices available. Same authors in [11] proposed an
Android application sandbox. They aim to perform static and
dynamic approaches on android applications. In this an
android application sandbox is proposed to detect mistrustful
application.
17
Approach
Detection Method
Platform
Description
Schmidt et al.
HIDS
Signature based
Detection
Android
Blasing et al.
(2010)[11]
HIDS
Signature based
Detection
Android
Portolakidis
et al.
(2010)[12]
HIDS,NIDS
Anomaly based
Detection
Android
Shabtai et al.
(2010)[13]
HIDS
Anomaly based
Detection
Android
Shabtai et al.
(2011)[14]
HIDS
Anomaly based
Detection
Android
Enck et al.
(2010)[15]
HIDS,NIDS
Anomaly based
Detection
Android
Grace et al.
(2012)[16]
HIDS
Signature based
Detection
Android
Egele et al.
(2011)[17]
NIDS
Signature based
Detection
iOS
Burguera et
HIDS
Behaviour based
Detection
Android
(2009) [10]
al. (2011)[18]
18
4. CONCLUSION
Various literatures related to mobile malware detection has
been thoroughly studied and analyzed in this paper. The
various pros and cons of the different techniques have been
discussed and listed. Two major techniques, namely, anomaly
based and signature based techniques, are usually taken up by
researchers. In the signature based techniques, the pattern of
instruction sets is studied and analyzed while in the anomaly
based techniques, the unusual activities are detected. The
review gives an idea of research gaps available in the field. In
future signature based techniques can be enhanced using DNA
matching techniques applied in other domains. Also
permission based strategy can be utilized and a hybrid
technique can be developed for improved performance in
terms of accuracy, precision, recall, etc.
5. ACKNOWLEDGMENT
I would like to express my gratitude to Mr. Karan Bajaj for
his support, help and guidance during my research work. He
has been a constant guiding force and source of illumination.
Finally thank the almighty god with whose grace I am always
motivated and deeply engrossed with my thesis work during
the entire duration from its conception to success.
6. REFERENCES
[1] Schmidt A.D. 2011. Detection of Smartphone Malware,
doctoral diss., Berlin Institute of Technology, Berlin,
Germany.
[2] Landage, J. and Wankhade, M. P. 2013. Malware and
Malware Detection Techniques: A Survey, International
Journal of Engineering Research and Technology, Vol. 2,
no. 12, 2013.
[3] Felt, Porter, A., Finifter, M., Chin, E., Hanna, S. and
Wagner, D. 2011. A survey of mobile malware in the
wild, Proc. 1st ACM workshop on Security and privacy
19
IJCATM : www.ijcaonline.org
20