Abstract
An Android malware detection system is designed and implemented to focus on the problem that malware on Android becomes widespread. The system combines static and dynamic analysis technologies. The APK features such as permission, API call sequences, component, resource and structure are extracted to form a feature vector in static analysis, and a similarity-based method is proposed to detect known malware samples using these features. Android source code is then updated to generate new kernel images in dynamic analysis. The new kernel images can monitor the Android program's behaviors such as file reading and writing, network connection, SMS sending and telephone calling, etc. Thus, unknown malware samples can be successfully identified through analyzing these behaviors. Experimental results show that the proposed system is efficient and performs well on detecting Android malware. The proposed system has been released online and free use of the system is available on the Internet.
| Original language | English |
|---|---|
| Pages (from-to) | 37-43 |
| Number of pages | 7 |
| Journal | Hsi-An Chiao Tung Ta Hsueh/Journal of Xi'an Jiaotong University |
| Volume | 47 |
| Issue number | 10 |
| DOIs | |
| State | Published - Oct 2013 |
Keywords
- Android
- Dynamic analysis
- Malware detection
- Static analysis