Browse > Article
http://dx.doi.org/10.13089/JKIISC.2015.25.6.1341

Androfilter: Android Malware Filter using Valid Market Data  

Yang, Wonwoo (Kookmin University Secured Smart Electric Vehicle specialist Education)
Kim, Jihye (Kookmin University Secured Smart Electric Vehicle specialist Education)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.25, no.6, 2015 , pp. 1341-1351 More about this Journal
Abstract
As the popularization of smartphone increases the number of various applications, the number of malicious applications also grows rapidly through the third party App Market or black market. This paper suggests an investigation filter, Androfilter, that detects the fabrication of APK file effectively. Whereas the most of antivirus software uses a separate server to collect, analyze, and update malicious applications, Androfilter assumes Google Play as the trusted party and verifies integrity of an application through a simple query to Google Play. Experiment results show that Androfilter blocks brand new malicious applications that have not been reported yet as well as known malicious applications.
Keywords
Android; APK; Malware; Filter; Anti-malware; Meta-data; live-data; ESD;
Citations & Related Records
연도 인용수 순위
  • Reference
1 eMarketer, "Worldwide Smartphone Usage to Grow 25% in 2014." (2014). http://www.emarketer.com/Article/Worldwide-Smartphone-Usage-Grow-25-2014/1010920
2 FireEye, "Ghost-Hunting With Anti-Virus." 2014.05, "FireEye Blog", https://www.fireeye.com/blog/executive-perspective/2014/05/ghost-hunting-with-anti-virus.html
3 Sahs, Justin, and Latifur Khan. "A machine learning approach to android malware detection." In Intelligence and Security Informatics Conference (EISIC), 2012 European, pp. 141-147. IEEE, Aug. 2012.
4 Burguera, Iker, Urko Zurutuza, and Simin Nadjm-Tehrani. "Crowdroid: behavior-based malware detection system for android." In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pp. 15-26. ACM, Oct. 2011.
5 Zhou, Yajin, and Xuxian Jiang. "Dissecting android malware: Characterization and evolution." In Security and Privacy (SP), 2012 IEEE Symposium on, pp. 95-109. IEEE, May. 2012.   DOI
6 Wu, Dong-Jie, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, and Kuo-Ping Wu. "Droidmat: Android malware detection through manifest and api calls tracing." In Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference on, pp. 62-69. IEEE, Aug. 2012.
7 Yan, Lok-Kwong, and Heng Yin. "DroidScope: Seamlessly Reconstructing the OS and Dalvik Semantic Views for Dynamic Android Malware Analysis." In USENIX security symposium, pp. 569-584. Aug. 2012.
8 Isohara, Takamasa, Keisuke Takemori, and Ayumu Kubota. "Kernel-based behavior analysis for android malware detection." In Computational Intelligence and Security (CIS), 2011 Seventh International Conference on, pp. 1011-1015. IEEE, Dec. 2011.
9 Grace, Michael, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. "Riskranker: scalable and accurate zero-day android malware detection." In Proceedings of the 10th international conference on Mobile systems, applications, and services, pp. 281-294. ACM, June 2012.
10 Zhou, Yajin, Zhi Wang, Wu Zhou, and Xuxian Jiang. "Hey, You, Get Off of My Market: Detecting Malicious Apps in Official and Alternative Android Markets." In NDSS. Feb. 2012.
11 Pack Seoungsoo, Hwansoo Han , "Similarity Detection for Large Scale Software Using Abstracted Source Code." Journal Korea Information Science Society, 39(1A), 39-41. 2012
12 Sato, Ryo, Daiki Chiba, and Shigeki Goto. "Detecting android malware by analyzing manifest files." Proceedings of the Asia-Pacific Advanced Network 36 (2013): 23-31. Dec. 2013.   DOI
13 Soongchunhang University Industry Academy Cooperation Foundation "Method for Detecting Malicious Code by Permission Management" Korea Patent 1013866050000, 2014.04.11
14 Jang, Jae-wook, Jaesung Yun, Jiyoung Woo, and Huy Kang Kim. "Andro-profiler: anti-malware system based on behavior profiling of mobile malware." In Proceedings of the companion publication of the 23rd international conference on World wide web companion, pp. 737-738. International World Wide Web Conferences Steering Committee, Apr. 2014.
15 www.android.com, "Platform Versions" 2015.08.03. , https://developer.android.com/about/dashboards/index.html?utm_source=suzunone#Platform
16 Morrissey, Michael Gerard, Richard Cannings, Joseph Benjamin Gruver, Angana Ghosh, Jonathan Bruce Larimer, Andrew Devron Stadler, Panayiotis Mavrommatis, Niels Holger Gerhard Konstantin Provos, and Adrian Ludwig. "Protecting users from undesirable content." U.S. Patent Application 13/633,093, filed October 1, 2012.
17 Anti-Virus Comparative File Detection Test of Malicious Software including false alarm test 2015.10.15. http://www.av-comparatives.org/wp-content/uploads/2015/10/avc_fdt_201509_en.pdf