UPM Institutional Repository

Permission extraction framework for android malware detection


Citation

Ghasempour, Ali (2019) Permission extraction framework for android malware detection. Masters thesis, Universiti Putra Malaysia.

Abstract

Android-based devices are now more popular than those on other platforms. Statistics show that Android's market share on mobile devices in March 2018 was 84.8%, compared with only 15.1% for iOS. These numbers indicate that most attacks are directed at Android devices. In addition, most people keep confidential information on their mobile phones, so securing Android deserves high priority. Recently there has been a lot of research on detecting malicious applications on the Android platform. There are two main approaches to investigating applications: static analysis, and behavioral or dynamic analysis. Static analysis mostly focuses on the Android Packaging File (APK). Dynamic analysis, on the other hand, studies application behavior in an isolated environment to analyze the intention of the application. Because of the high number of applications, all of the approaches mentioned need automation techniques for classification; however, current research has not provided satisfactory accuracy when dealing with a large number of applications. To clarify, precision, recall and false positives have a negative relation with the growing size of the dataset. It should also be considered that using a high number of features can lead to lower performance in implementation. Permissions are one of the notable features that expose the intention of the developer. This project proposes a static analysis method for detecting malicious applications. The framework employs a permission extraction approach to label malicious applications by analyzing permissions. Different statistical methods have been used to optimally distinguish malicious and benign applications. Machine learning is used for classification and detection. As input data increases, the model tries to keep detection accuracy at an acceptable level. The outcome of the proposed framework shows that, with almost 60,000 applications, a 94.00% f-score is achievable.



Additional Metadata

Item Type: Thesis (Masters)
Subject: Malware (Computer software)
Subject: Anomaly detection (Computer security)
Subject: G1 (Smartphone)
Call Number: FSKTM 2019 24
Chairman Supervisor: Assoc. Prof. Dr. Nor Fazlida Mohd Sani
Divisions: Faculty of Computer Science and Information Technology
Depositing User: Ms. Nur Faseha Mohd Kadim
Date Deposited: 23 Oct 2020 09:29
Last Modified: 23 Oct 2020 09:29
URI: http://psasir.upm.edu.my/id/eprint/83855