Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques

Spreitzenbarth, Michael and Schreck, Thomas and Echtler, Florian and Arp, Daniel and Hoffmann, Johannes (2015) Mobile-Sandbox: combining static and dynamic analysis with machine-learning techniques. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 14 (2). pp. 141-153. ISSN 1615-5262, 1615-5270

Full text not available from this repository.

Abstract

Smartphones in general and Android in particular are increasingly shifting into the focus of cyber criminals. For understanding the threat to security and privacy, it is important for security researchers to analyze malicious software written for these systems. The exploding number of Android malware calls for automation in the analysis. In this paper, we present Mobile-Sandbox, a system designed to automatically analyze Android applications in novel ways: First, it combines static and dynamic analysis, i.e., results of static analysis are used to guide dynamic analysis and extend coverage of executed code. Additionally, it uses specific techniques to log calls to native (i.e., "non-Java") APIs, and last but not least it combines these results with machine-learning techniques to cluster the analyzed samples into benign and malicious ones. We evaluated the system on more than 69,000 applications from Asian third-party mobile markets and found that about 21 % of them actually use native calls in their code.

Item Type: Article
Uncontrolled Keywords: Android; Malware; Automated analysis; Machine learning
Subjects: 000 Computer science, information & general works > 004 Computer science
Divisions: Languages and Literatures > Institut für Information und Medien, Sprache und Kultur (I:IMSK) > Lehrstuhl für Medieninformatik
Depositing User: Dr. Gernot Deinzer
Date Deposited: 22 Jul 2019 14:16
Last Modified: 22 Jul 2019 14:16
URI: https://pred.uni-regensburg.de/id/eprint/5730
