Title :
A hidden Markov model detection of malicious Android applications at runtime
Author :
Yang Chen ; Ghorbanzadeh, Mo ; Ma, Kwan-Liu ; Clancy, Charles ; McGwier, Robert
Author_Institution :
Dept. of Comput. Sci., Virginia Tech, Falls Church, VA, USA
Abstract :
A hidden Markov model approach is leveraged to detect potentially malicious Android applications at runtime based on analyzing the Intents passing through the binder. Real world applications are emulated, their Intents are parsed, and, after appropriate discretization of the Intent action fields, they train the hidden Markov models for recognizing anomalous and benign Android application behaviors. The inferred stochastic processes can probabilistically estimate whether an application is performing a malicious or benign action as it is running on the device. Such a decision is realized through a maximum likelihood estimation. The results show that the method is capable of detecting malicious Android applications as they run on the platform.
Keywords :
Android (operating system); hidden Markov models; maximum likelihood estimation; mobile computing; security of data; Android application behaviors; hidden Markov model detection; malicious Android applications; maximum likelihood estimation; real world applications; stochastic processes; Androids; Hidden Markov models; Humanoid robots; Runtime; Security; Smart phones; Training;
Conference_Titel :
Wireless and Optical Communication Conference (WOCC), 2014 23rd
Conference_Location :
Newark, NJ
DOI :
10.1109/WOCC.2014.6839912
