Research Article
Detecting Mobile Malware with TMSVM
@INPROCEEDINGS{10.1007/978-3-319-23829-6_35, author={Xi Xiao and Xianni Xiao and Yong Jiang and Qing Li}, title={Detecting Mobile Malware with TMSVM}, proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I}, proceedings_a={SECURECOMM}, year={2015}, month={11}, keywords={Mobile malware TMSVM Dynamic analysis Static analysis Permission Control flow graph System call}, doi={10.1007/978-3-319-23829-6_35} }- Xi Xiao
Xianni Xiao
Yong Jiang
Qing Li
Year: 2015
Detecting Mobile Malware with TMSVM
SECURECOMM
Springer
DOI: 10.1007/978-3-319-23829-6_35
Abstract
With the rapid development of Android devices, mobile malware in Android becomes more prevalent. Therefore, it is rather important to develop an effective model for malware detection. Permissions, system calls, and control flow graphs have been proved to be important features in detection. In this paper, we utilize both static and dynamic strategies with a text classification method, TMSVM, to identify the mobile malware in these three aspects. At first, features have to be selected. Since the sum of control flow graphs is very large, Chi-Square method is used to get the key graphs. Then features are transformed into vectors and TMSVM is subsequently applied to get the classification result. In the static method, we firstly analyze permissions and control flow graphs respectively and then think of the combination of them. In the dynamic method, the system calls are considered. At last, based on the results of the static method and dynamic method, a hybrid classification model of three layers classification is proposed. Compared with the other methods, our method increases the TPR and decreases the FPR.