CSCdroid: Accurately Detect Android Malware via Contribution-Level-Based System Call Categorization
Authors: Shaofeng Zhang, Xi Xiao
Published in: 2017 IEEE Trustcom/BigDataSE/ICESS, 2017-08-01
DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.237 (https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.237)
Citation count: 12
The detection of malicious applications, or malware, on the Android platform is a major concern. Many studies have demonstrated the effect of static property analysis and dynamic analysis. However, their accuracy and efficacy still cannot satisfy the demand. In this paper, we propose CSCdroid, an accurate malware detection approach for Android via contribution-level-based system call (SC) categorization. Unlike existing works, which use all SCs to construct feature vectors in order to determine the security of applications, CSCdroid first introduces a concept named contribution to quantitatively evaluate the relevance of SCs for malware identification. Based on the contribution level, CSCdroid categorizes SCs into two types: determinate SCs and normal SCs. CSCdroid then builds a Markov chain by replacing all normal SCs in the SC sequence with one specific SC. Finally, it constructs the target feature vector from the probability matrix and uses a Support Vector Machine (SVM) to detect Android malware. This approach effectively reduces the number of states in the Markov chain and cuts down the dimension of the feature vectors fed into the SVM classifier. Our evaluation confirms that our approach detects malware with a high accuracy rate.