Signature Based Malicious Behavior Detection in Android

There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

Abstract

User’s security and privacy are of increasing concern with the popularity of Android and its applications. Apps of malicious nature attempts to perform activities like information leakage and user profiling, detection of which is a challenge for security researchers. In this paper, we try to solve this problem by proposing a behavior based approach to detect malicious nature of applications in Android. Events and behavioral activities of an application are used to generate signature, which then is matched with signature database for detection. Behavioral signatures are designed on the basis of information leakage attempt, jailbreak attempt, abuse of root privilege and access of critical permissions. 260 popular apps of different nature were evaluated in addition to 42 android apps, which were flagged malicious by Government of India. The proposed system shows promising results to detect malicious behaviors. It also defines the nature of malicious activity exploited by an app.

Related collections

Most cited references 8

Record: found
Abstract: not found
Article: not found

MADAM: Effective and Efficient Behavior-based Android Malware Detection and Prevention

Andrea Saracino, Daniele Sgandurra, Gianluca Dini … (2018)

0 comments Cited 30 times – based on 0 reviews      Review now

Bookmark

Record: found
Abstract: not found
Article: not found

DroidCat: Effective Android Malware Detection and Categorization via App-Level Profiling

Haipeng Cai, Na Meng, Barbara Ryder … (2018)

0 comments Cited 27 times – based on 0 reviews      Review now

Bookmark

Record: found
Abstract: not found
Article: not found

ICCDetector: ICC-Based Malware Detection on Android

Ke Xu, Yingjiu Li, Robert Deng (2016)

0 comments Cited 21 times – based on 0 reviews      Review now

Bookmark

All references

Author and article information

Contributors

Nirbhay Chaubey: nirbhay.chaubey@ganpatuniversity.ac.in

Satyen Parikh: satyen.parikh@ganpatuniversity.ac.in

Kiran Amin: kiran.amin@ganpatuniversity.ac.in

Vikas Sihag:

ORCID: http://orcid.org/0000-0002-2120-1296

vikas.sihag@policeuniversity.ac.in

Ashawani Swami: spu16cs04@policeuniversity.ac.in

Manu Vardhan:

ORCID: http://orcid.org/0000-0003-2944-7896

mvardhan.cs@nitrr.ac.in

Pradeep Singh: psingh.cs@nitrr.ac.in

Journal

Journal ID (publisher-id): 978-981-15-6648-6

Journal ID (doi): 10.1007/978-981-15-6648-6

Journal ID (nlm-ta): Computing Science, Communication and Security

Title: Computing Science, Communication and Security

Subtitle: First International Conference, COMS2 2020, Gujarat, India, March 26–27, 2020, Revised Selected Papers

ISBN (Print): 978-981-15-6647-9

ISBN (Electronic): 978-981-15-6648-6

Publication date (Electronic): 08 June 2020

Publication date Collection: 2020

Volume: 1235

Pages: 251-262

Affiliations

[6 ]GRID grid.427705.3, ISNI 0000 0004 1806 4993, Ganpat University, ; Gujarat, India

[7 ]GRID grid.427705.3, ISNI 0000 0004 1806 4993, Ganpat University, ; Gujarat, India

[8 ]GRID grid.427705.3, ISNI 0000 0004 1806 4993, Ganpat University, ; Gujarat, India

[9 ]Sardar Patel University of Police, Security and Criminal Justice, Jodhpur, India

[10 ]GRID grid.444688.2, ISNI 0000 0004 1775 3076, National Institute of Technology, Raipur, ; Raipur, India

Author information

Vikas Sihag http://orcid.org/0000-0002-2120-1296

Manu Vardhan http://orcid.org/0000-0003-2944-7896

Article

Publisher ID: 20

DOI: 10.1007/978-981-15-6648-6_20

PMC ID: 7971767

SO-VID: f7c91a7b-9929-4ffa-a6de-3d1f0cf29529

License:

This article is made available via the PMC Open Access Subset for unrestricted research re-use and secondary analysis in any form or by any means with acknowledgement of the original source. These permissions are granted for the duration of the World Health Organization (WHO) declaration of COVID-19 as a global pandemic.