Malware detection techniques for mobile devices

Mobile devices have become very popular nowadays, due to its portability and high performance, a mobile device became a must device for persons using information and communication technologies. In addition to hardware rapid evolution, mobile applications are also increasing in their complexity and performance to cover most needs of their users. Both software and hardware design focused on increasing performance and the working hours of a mobile device. Different mobile operating systems are being used today with different platforms and different market shares. Like all information systems, mobile systems are prone to malware attacks. Due to the personality feature of mobile devices, malware detection is very important and is a must tool in each device to protect private data and mitigate attacks. In this paper, analysis of different malware detection techniques used for mobile operating systems is provides. The focus of the analysis will be on the to two competing mobile operating systems - Android and iOS. Finally, an assessment of each technique and a summary of its advantages and disadvantages is provided. The aim of the work is to establish a basis for developing a mobile malware detection tool based on user profiling.Comment: 11 pages, 6 figure

Review of Malware Detection in Android Applications using Dynamic Analysis

Today Android has the biggest market share as compared to other operating system for smart phone. As users are continuously increasing day by day the Security is one of the main concerns for Smartphone users. As the features and power of Smartphone are increase, so that they has their vulnerability for attacks by Malwares. But the android is the operating system which is more secure than any other operating systems available for Smart phones. The Android operating system has very few restrictions for developers and it will increase the security risk for end users. In this paper we have reviewed android security model, application level security in android and its security issues

Review of Malware Defense in Mobile Network using Dynamic Analysis of Android Application

Today Android has the biggest market share as compared to other operating system for smart phone. As users are continuously increasing day by day the Security is one of the main concerns for Smartphone users. As the features and power of Smartphone are increase, so that they has their vulnerability for attacks by Malwares. But the android is the operating system which is more secure than any other operating systems available for Smart phones. The Android operating system has very few restrictions for developers and it will increase the security risk for end users. In this paper we have reviewed android security model, application level security in android and its security issues

Malware Sandbox Evasion Techniques in Mobile Devices

The mobile platform is where it's at. There are currently very few professionals who dispute this view. Because of the rapidly increasing number of smartphones and other devices powered by the Android operating system all over the world, there has been a corresponding surge in the number of mobile apps, particularly harmful mobile apps.  This form of malware is very new, but it is rapidly changing, and it brings hazards that have not been seen before. As a part of Check Point’s ongoing efforts against the rising tide of mobile dangers, we, the Malware Research Team, want to learn as much as we can about the constantly shifting Android malware landscape. This requires understanding the internal operation of as many malicious apps as we can, so we can learn as much as we can. Manual malware analysis has always been a difficult operation, taking days or even weeks to complete for each sample. Because of this, the work is impracticable even for a small sample pool because of the amount of time it takes. Following the successful application of this strategy to mobile malware, our response is to automate as much of the analysis process as is practically practicable. Idan Revivo and Ofer Caspi from Check Point’s Malware Research Team were tasked with developing a system that would take an application and produce a report describing exactly what it does when it is run, specifically pointing out anything "fishy." This would enable us to perform an initial analysis with no human intervention, which is exactly what they have done. The popular CuckooDroid sandbox and a few other open-source projects form the basis of this automated, cross-platform emulation and analysis framework, which allows for static and dynamic APK inspection in addition to evading some VM-detection techniques, encryption key extraction, SSL inspection, API call trace, basic behavioral signatures, and more.  It is easy to make changes and add new features to the framework, and it draws heavily on the expertise of the current Cuckoo community

Anti-Hijack: Runtime Detection of Malware Initiated Hijacking in Android

AbstractAccording to studies, Android is having the highest market share in smartphone operating systems. The number of Android apps (i.e. applications) are increasing day by day. Consequent threats and attacks on Android are also rising. There are a large number of apps which bypass users by hiding their functionalities and send users sensitive information and data across the network. Due to flexibility and openness of Android operating system, attack surfaces are being introduced every other day.In this paper, we are addressing detection of two fatal malware attacks; intent based hijacking and authenticated session hijacking. We have used the concept of honey-pot in detection of these two authentication hijacking problems. In order to achieve this, we have tested various apps and their interaction with the honey-pot maintained by real device or an emulator. We have designed benign app as a honey framed app. We argue that hijacking malware can be detected with higher accuracy using our method at run-time as compared to the traditional machine learning methods. Our approach, Anti-Hijack, which has provided the detection accuracy as high as 96%. This has been highly accurate to detect the unwanted interaction between hijacking malware and designed benign app. We have tested our approach on a strong data-set of Android apps for experiment and identifying vulnerable points. Our detection method Anti-Hijack is a novel contribution in this area which provides light weight, device operated run-time detection at hijacking malware