| In recent years,smart phones have become an indispensable part of people's daily lives.The general public use their smartphones for instant messaging,surfing the Internet,sending and receiving emails,taking pictures,participating in activit ies,teaching classes,and so on.Android is the most widely used smart phone operating system.Its design takes into account the system's performance,usability,security and development convenience,and is welcomed by the majority of users.At the same time,the Android platform has also become an active site for many malicious code developers to accelerate the spread of mobile malware.Malware based on the Android platform poses a serious threat to users' privacy and property.Due to the openness of the Android system,most users are unaware that the software they download in the third-party market may have a large security risk.The types of malicious software are various.Some malicious applications acquire private user information including location information,message content,list of contacts and various types of password information without the user's knowledge or authorizat io n.Others lure users to achieve improper purposes by tampering,hijacking of SMS,mail,address book and so on.There are also some malicious applications that can automatically infect other files on the device,causing the device to fail to work.The traditional malware detection methods use static analysis technology to identify malicious patterns of unknown Android applications by reviewing malicious features and codes.However,this method is difficult to detect new types of malic io us applications.Then,dynamic analysis technology was used to determine whether there is malicious behavior by actual y running the Android application.Nevertheless,dynamic analysis technology can't test all the Android application's running path,while leading to excessive consumption of the detection system.This paper focuses on the privacy and security issues caused by malware based on the Android platform.We analyze the malware evolution and propose a new malware detection method combining traditional static analysis techniques.The main work includes the following aspects:(1)This paper firstly proposes an effective and scalable malware detection approach,which utilizing the tensor decomposition to resolve resource limitation.The accuracy of this method shown in the experimental result is higher than some famous industrial malware detections.(2)Then,we propose a hybrid detection system,TFBOOST,which incorporates the Tensor Filter algorithm into Boosting ensemble generalization architecture,in order to improve the Android malware efficacy.Results show that TFBOOST generally outperforms state-of-art ensemble algorithms with higher detection precision and lower false positive rates.(3)Finally,we collect 189 Android malware families that represent the state-of-theart.By exploiting eight attributes of malware files,Android malware families are further classified.The paper then takes an evolution-based study that characterizes the distribution of malware to follow the trend of malware transformation. |
PDF Full Text Request