Browse > Article
http://dx.doi.org/10.7840/kics.2015.40.8.1551

Android Malware Detection Using Auto-Regressive Moving-Average Model  

Kim, Hwan-Hee (Dept. of Computer Science, Kangwon National University)
Choi, Mi-Jung (Dept. of Computer Science, Kangwon National University)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.40, no.8, 2015 , pp. 1551-1559 More about this Journal
Abstract
Recently, the performance of smart devices is almost similar to that of the existing PCs, thus the users of smart devices can perform similar works such as messengers, SNSs(Social Network Services), smart banking, etc. originally performed in PC environment using smart devices. Although the development of smart devices has led to positive impacts, it has caused negative changes such as an increase in security threat aimed at mobile environment. Specifically, the threats of mobile devices, such as leaking private information, generating unfair billing and performing DDoS(Distributed Denial of Service) attacks has continuously increased. Over 80% of the mobile devices use android platform, thus, the number of damage caused by mobile malware in android platform is also increasing. In this paper, we propose android based malware detection mechanism using time-series analysis, which is one of statistical-based detection methods.We use auto-regressive moving-average model which is extracting accurate predictive values based on existing data among time-series model. We also use fast and exact malware detection method by extracting possible malware data through Z-Score. We validate the proposed methods through the experiment results.
Keywords
Malware-detection; Android; Auto-regressive; Moving-average; Time-series;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 M. Chandramohan and Hee Beng Kuan Tan, "Detection of mobile malware in the wild," Computer, vol. 45, no. 9, pp. 65-71, 2012.   DOI
2 F-secure, 2013 mobile threat report, 2013.
3 F-secure, Mobile threat report Q1 2014, 2014.
4 H.-S. Ham, H.-H. Kim, M.-S. Kim, and M.-J. Choi, "Linear SVM-based android malware detection," Frontier and innovation in future computing and communications, vol. 301, pp. 575-585, Apr. 2014.   DOI   ScienceOn
5 I. D. Corporation, Worldwide quarterly mobile phone tracker 3Q13, Nov. 2013.
6 S.-H. Yoon and M.-S. Kim, "Behavior based signature extraction method for internet application traffic identification," J. KICS, vol. 38B, no. 5, pp. 368-376, 2013.   DOI
7 K. Kim and M. Choi, "Linear SVM-based android malware detection and feature selection for performance improvement," J. KICS, vol. 39C, no. 8, pp. 738-745, 2014.   DOI
8 S. Arzt, et al., "FlowDroid: precise context, flow, field, object-sensitive and lifecycleaware taint analysis for android apps," in Proc. 35th ACM SIGPLAN Conf. Programing Language Design and Implementation, pp. 259-269, Edinburgh, UK, Jun. 2014.
9 K. Woo and C. Kim, "Internet worm propagation modeling using a statistical method," J. KICS, vol. 37B, no. 3, pp. 212-218, 2012.
10 H. Akaike, "Maximum likelihood identification of gaussian autoregressive moving average models," Biometrika, vol. 60, no. 2, pp. 255-265, 1973.   DOI   ScienceOn
11 A. M. Bahaa-Eldin, "Time series analysis based models for network abnormal traffic detection," Int. Conf. Computer Engineering & Systems(ICCES), pp. 64-70, Cairo, 2011.
12 Y. Lai, et al., "On monitoring and predicting mobile network traffic abnormality," Simulation Modeling Practice and Theory, vol. 50, pp. 176-188, 2014.
13 Ahnlab, Ahnlab ASEC Report 2013, 2013.
14 Bell Lab, CRAN R, Retrieved Nov. 12, 2014, from http://www.r-project.org.