6,648 research outputs found
Malware detection techniques for mobile devices
Mobile devices have become very popular nowadays, due to its portability and
high performance, a mobile device became a must device for persons using
information and communication technologies. In addition to hardware rapid
evolution, mobile applications are also increasing in their complexity and
performance to cover most needs of their users. Both software and hardware
design focused on increasing performance and the working hours of a mobile
device. Different mobile operating systems are being used today with different
platforms and different market shares. Like all information systems, mobile
systems are prone to malware attacks. Due to the personality feature of mobile
devices, malware detection is very important and is a must tool in each device
to protect private data and mitigate attacks. In this paper, analysis of
different malware detection techniques used for mobile operating systems is
provides. The focus of the analysis will be on the to two competing mobile
operating systems - Android and iOS. Finally, an assessment of each technique
and a summary of its advantages and disadvantages is provided. The aim of the
work is to establish a basis for developing a mobile malware detection tool
based on user profiling.Comment: 11 pages, 6 figure
Mal-Netminer: Malware Classification Approach based on Social Network Analysis of System Call Graph
As the security landscape evolves over time, where thousands of species of
malicious codes are seen every day, antivirus vendors strive to detect and
classify malware families for efficient and effective responses against malware
campaigns. To enrich this effort, and by capitalizing on ideas from the social
network analysis domain, we build a tool that can help classify malware
families using features driven from the graph structure of their system calls.
To achieve that, we first construct a system call graph that consists of system
calls found in the execution of the individual malware families. To explore
distinguishing features of various malware species, we study social network
properties as applied to the call graph, including the degree distribution,
degree centrality, average distance, clustering coefficient, network density,
and component ratio. We utilize features driven from those properties to build
a classifier for malware families. Our experimental results show that
influence-based graph metrics such as the degree centrality are effective for
classifying malware, whereas the general structural metrics of malware are less
effective for classifying malware. Our experiments demonstrate that the
proposed system performs well in detecting and classifying malware families
within each malware class with accuracy greater than 96%.Comment: Mathematical Problems in Engineering, Vol 201
Towards Adversarial Malware Detection: Lessons Learned from PDF-based Attacks
Malware still constitutes a major threat in the cybersecurity landscape, also
due to the widespread use of infection vectors such as documents. These
infection vectors hide embedded malicious code to the victim users,
facilitating the use of social engineering techniques to infect their machines.
Research showed that machine-learning algorithms provide effective detection
mechanisms against such threats, but the existence of an arms race in
adversarial settings has recently challenged such systems. In this work, we
focus on malware embedded in PDF files as a representative case of such an arms
race. We start by providing a comprehensive taxonomy of the different
approaches used to generate PDF malware, and of the corresponding
learning-based detection systems. We then categorize threats specifically
targeted against learning-based PDF malware detectors, using a well-established
framework in the field of adversarial machine learning. This framework allows
us to categorize known vulnerabilities of learning-based PDF malware detectors
and to identify novel attacks that may threaten such systems, along with the
potential defense mechanisms that can mitigate the impact of such threats. We
conclude the paper by discussing how such findings highlight promising research
directions towards tackling the more general challenge of designing robust
malware detectors in adversarial settings
- …