SAFEDroid: Using Structural Features for Detecting Android Malwares


Sen S., Aysan A. I., Clark J. A.

13th EAI International Conference on Security and Privacy in Communication Networks (SecureComm), Niagara Falls, Canada, 22 - 25 October 2017, vol.239, pp.255-270 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 239
  • Doi Number: 10.1007/978-3-319-78816-6_18
  • City: Niagara Falls
  • Country: Canada
  • Page Numbers: pp.255-270
  • Hacettepe University Affiliated: Yes

Abstract

Mobile devices have become a popular target for attackers, whose aims are to harm the devices, illegally obtain personal information and ultimately to reap financial benefit. In order to detect such malicious attempts, security solutions based on static analysis are mainly preferred due to resource-constraints of these devices. However, in general, static analysis-based solutions are not very effective against new mobile malwares and new variants of existing mobile malwares appear on a daily basis. In this study, new features for static analysis are investigated in order to detect mobile malwares. While studies found in the literature mostly employ API calls and permissions, this current study explores some novel structural features. Results show the relative effectiveness of these features on malware detection. Furthermore, it is shown that these features detect new malwares better than solely applying API-based features.