Title :
Mobile malware exposed
Author :
Salman, Alaa ; Elhajj, Imad H. ; Chehab, Ali ; Kayssi, Ayman
Author_Institution :
Electr. & Comput. Eng., American Univ. of Beirut, Beirut, Lebanon
Abstract :
In this paper, we propose a new method to detect malicious activities on mobile devices by examining an application´s runtime behavior. To this end, we use the Xposed framework to build a monitoring module that generates behavior profiles for applications. The module integrates with our intrusion detection system which then analyzes and reports on the profiles. We use this tool to detect malicious behavior patterns using both a custom-written malware and a real one. We also detect behavior patterns for some popular applications from the Google Play Store to expose their functionality. The results show that standard techniques that are used to evade static analysis are not effective against our monitoring approach. This approach can also be generalized to detect unknown malware or expose exact application behavior to the user.
Keywords :
invasive software; mobile computing; program diagnostics; Google Play Store; Xposed framework; custom-written malware; intrusion detection system; malicious activity detection; malicious behavior pattern detection; mobile devices; mobile malware; static analysis; Androids; Google; Humanoid robots; Libraries; Malware; Monitoring; Smart phones; behavior profiling; dynamic analysis; intrusion detection;
Conference_Titel :
Computer Systems and Applications (AICCSA), 2014 IEEE/ACS 11th International Conference on
DOI :
10.1109/AICCSA.2014.7073206
