| Android smart phone,which can run various applications,such as social application(Weibo,etc),games and other applications(GPS,etc)have changed the way people live and communicate.However,with the rising market share of Android smart phone,illegal persons have began to target the Android system.The illegal persons usually modify the popular applications and embed the malicious code into those normal applications,then release the malicious package in the third-party application stores or forums.At present the main form of malwares are the premium-rate SMS-sending trojans which steal the users' property by registering the paid services.Besides,some malwares could steal the private data from the mobile phones.Because static analysis technique only capture static behaviors of Android application,detect Android malware by known characteristics library which cannot detect unknown malware efficiency.Therefore,this paper collects two kinds of dynamic behaviors characteristics during Android application running,namely system call charateristics and network traffic charateristics,and uses machine learning algorithms to learn the dynamic behaviors characteristics of Android malware for purpose of malware detection.To achieve this goal,this paper proposes an Android malware detection approach based on double detection,and implements its protype system.This system first collects system call data and network traffic data by system call hijack and network packet capture techniques when Android application run on Android smartphone,and send the collected data to cloud servers.After the cloud servers receive the data files,the system uses feature selection algorithms to select unique characteristics of dynamic behaviors of Android applications.Then,feed the selected characteristics into classification algorithms to detect Android malware.In the experiment,we first test the CPU utilization of client of this system.The results show that the CPU utilization of client of this system is very low,and would not affect process of other applications.Then,we test feature selection and classification.The results show that feeding the selected characteristics into classification algorithms can achieve higher detection accuracy... |
PDF Full Text Request