Search for contacts, projects,
courses and publications

A General Practitioner or a Specialist for Your Infected Smartphone?

Additional information

Authors
Milosevic J., Ferrante A., Malek M.
Type
Report in scientific conference
Year
2015
Language
English
Abstract
With explosive growth in the number of mobile devices, the mobile malware is rapidly spreading as well, and the number of encountered malware families is increasing. Existing solutions, which are mainly based on one malware detector running on the phone or in the cloud, are no longer effective. Main problem lies in the fact that it might be impossible to create a unique mobile malware detector that would be able to detect different malware families with high accuracy, being at the same time lightweight enough not to drain battery quickly and fast enough to give results of detection promptly.The proposed approach to mobile malware detection is analogous to general practitioner versus specialist approach to dealing with a medical problem. Similarly to a general practitioner that, based on indicative symptoms identifies potential illnesses and sends the patient to an appropriate specialist, our detection system distinguishes among symptoms representing different malware families and, once the symptoms are detected, it triggers specific analyses. A system monitoring application operates in the same way as a general practitioner. It is able to distinguish between different symptoms and trigger appropriate detection mechanisms. As an analogy to different specialists, an ensemble of detectors, each of which specifically trained for a particular malware family, is used. The main challenge of the approach is to define representative symptoms of different malware families and train detectors accordingly to them. The main goal of the poster is to foster discussion on the most representative symptoms of different malware families and to discuss initial results in this area obtained by using Malware Genome project dataset.
Month
May
Publisher
IEEE Computer Society Technical Committee on Security and Privacy
Meeting name
36th IEEE Symposium on Security and Privacy
Meeting place
San Jose, California, USA
Meeting date
May 18-20, 2015
Keywords
Android, feature selection, malware detection, PCA, security