Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22–25, 2017, Proceedings

Research Article

SAFEDroid: Using Structural Features for Detecting Android Malwares

Download
166 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-78816-6_18,
        author={Sevil Sen and Ahmet Aysan and John Clark},
        title={SAFEDroid: Using Structural Features for Detecting Android Malwares},
        proceedings={Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings},
        proceedings_a={SECURECOMM \& ATCS \& SEPRIOT},
        year={2018},
        month={4},
        keywords={Android security Malware detection Static analysis Structural features Machine learning},
        doi={10.1007/978-3-319-78816-6_18}
    }
    
  • Sevil Sen
    Ahmet Aysan
    John Clark
    Year: 2018
    SAFEDroid: Using Structural Features for Detecting Android Malwares
    SECURECOMM & ATCS & SEPRIOT
    Springer
    DOI: 10.1007/978-3-319-78816-6_18
Sevil Sen1,*, Ahmet Aysan1,*, John Clark2,*
  • 1: Hacettepe University
  • 2: University of Sheffield
*Contact email: ssen@cs.hacettepe.edu.tr, aysan@hacettepe.edu.tr, john.clark@sheffield.ac.uk

Abstract

Mobile devices have become a popular target for attackers, whose aims are to harm the devices, illegally obtain personal information and ultimately to reap financial benefit. In order to detect such malicious attempts, security solutions based on static analysis are mainly preferred due to resource-constraints of these devices. However, in general, static analysis-based solutions are not very effective against new mobile malwares and new variants of existing mobile malwares appear on a daily basis. In this study, new features for static analysis are investigated in order to detect mobile malwares. While studies found in the literature mostly employ API calls and permissions, this current study explores some novel structural features. Results show the relative effectiveness of these features on malware detection. Furthermore, it is shown that these features detect new malwares better than solely applying API-based features.