Optimal performance counter events for detecting Android malware

Posted on:2014-11-07

Degree:M.S.S.E

Type:Thesis

University:The University of Alabama in Huntsville

Candidate:Stinson, Hunter

Full Text:PDF

GTID:2458390008458714

Subject:Engineering

Abstract/Summary:

This work uses salience testing techniques to identify the best performance counter events for detecting malware on Android devices. Modifications were made to a Linux kernel module to enable monitoring and logging of performance counter events. Numerous experiments combining different performance counter events were conducted, and a variety of data aggregation and classification techniques were evaluated. Experiment results were analyzed as to determine how well certain combinations of performance counter events classify applications as malware or non-malware. Results indicate that there are combinations of performance counter events that do much better at detecting malware than those presented in prior work.

Keywords/Search Tags:

Performance counter events, Malware

Related items

1	A Non-deterministic Events Log System Based On The Paravirtual VM Xen
2	Research On Key Technologies Of Performance Data Mining And Algorithmic Optimization Based On Mobile Processor
3	Voice and image encryption, and, performance analysis of counter mode advanced encryption standard for wimax
4	Study Of Distance Deception Jamming Counter-Counter Measures And Implement Based On Jammer’s Character
5	Research On Key Technology Of Malware Detection
6	Research And Design Of Malware Detection Of Terminal Devices In IoT Networks
7	Debugging Of Multi-core Architecture Performance
8	The Legalization Of Government Counter Measures To Network Public Opinion Events
9	The Counter Flow Wet-cooling Tower Thermal Performance Monitoring System And Remote Monitoring Platform Based On CFD
10	Malware Detection Based On Convolutional Neural Network And Hardware Features