Real-Time Behavior Analysis and Identification for Android Application

Sixian Sun, Xiao Fu, Hao Ruan, Xiaojiang Du, Bin Luo, Mohsen Guizani

Research output: Contribution to journalArticlepeer-review

16 Scopus citations

Abstract

The number of applications based on the Android platform is increasing rapidly now. However, as the supervision and review of Android applications are inadequate, a reasonable chance exists that users will download malware. This malware can lead to information leakage, monetary loss, and other damages. At present, a variety of applications exist for detecting malware, but most of these applications cannot show specific malicious behaviors. Moreover, the operation of this detection software is based on the database of viruses, and thus, it cannot identify unknown malware. To solve these problems, we implemented a system to detect the behaviors of Android applications and identify known or unknown malware. Our system can monitor specified applications utilizing loading a kernel module. After the detection process, the related documents are uploaded to the server, and the dynamic behaviors are reconstructed. As a result, a behavior diagram is generated. In addition, if the user needs to know whether the application is malware, the related Android package is sent to the server and analyzed. Then, the server calculates the results and the results are returned to the client.

Original languageEnglish
Article number8408465
Pages (from-to)38041-38051
Number of pages11
JournalIEEE Access
Volume6
DOIs
StatePublished - 6 Jul 2018

Keywords

  • Android malware
  • behavior analysis
  • dynamic detection
  • software identification

Fingerprint

Dive into the research topics of 'Real-Time Behavior Analysis and Identification for Android Application'. Together they form a unique fingerprint.

Cite this