A New Android Malware Detection Method Using Bayesian Classification

Suleiman Y. Yerima; Sakir Sezer; Gavin McWilliams; Igor  Muttik

doi:10.1109/AINA.2013.88

A New Android Malware Detection Method Using Bayesian Classification

Suleiman Y. Yerima, Sakir Sezer, Gavin McWilliams, Igor Muttik

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

220 Citations (Scopus)

691 Downloads (Pure)

Abstract

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.

Original language	English
Title of host publication	2013 IEEE 27th International Conference on Advanced Information Networking and Applications
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	121-128
Number of pages	8
DOIs	https://doi.org/10.1109/AINA.2013.88
Publication status	Published - Mar 2013
Event	2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA) - Hotel Catalonia Barcelona Plaza, Barcelona, Spain Duration: 25 Mar 2013 → 29 Mar 2013

Conference

Conference	2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA)
Country/Territory	Spain
City	Barcelona
Period	25/03/2013 → 29/03/2013

Access to Document

10.1109/AINA.2013.88

A New Android Malware Detection Approach Using Bayesian Classification
© 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works
Accepted author manuscript, 615 KB

http://voyager.ce.fit.ac.jp/conf/aina/2013/index.html

R1118ECI: Centre for Secure Information Technologies (CSIT)
McCanny, J. V. (PI), Cowan, C. (CoI), Crookes, D. (CoI), Fusco, V. (CoI), Linton, D. (CoI), Liu, W. (CoI), Miller, P. (CoI), O'Neill, M. (CoI), Scanlon, W. (CoI) & Sezer, S. (CoI)
01/08/2009 → 30/06/2014
Project: Research

Cite this

@inproceedings{a0cc3e42da284064ba7c4fdf05b97a52,

title = "A New Android Malware Detection Method Using Bayesian Classification",

abstract = "Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.",

author = "Yerima, {Suleiman Y.} and Sakir Sezer and Gavin McWilliams and Igor Muttik",

year = "2013",

month = mar,

doi = "10.1109/AINA.2013.88",

language = "English",

pages = "121--128",

booktitle = "2013 IEEE 27th International Conference on Advanced Information Networking and Applications",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA) ; Conference date: 25-03-2013 Through 29-03-2013",

}

Yerima, SY, Sezer, S, McWilliams, G & Muttik, I 2013, A New Android Malware Detection Method Using Bayesian Classification. in 2013 IEEE 27th International Conference on Advanced Information Networking and Applications. Institute of Electrical and Electronics Engineers Inc., pp. 121-128, 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA), Barcelona, Spain, 25/03/2013. https://doi.org/10.1109/AINA.2013.88

A New Android Malware Detection Method Using Bayesian Classification. / Yerima, Suleiman Y.; Sezer, Sakir; McWilliams, Gavin et al.
2013 IEEE 27th International Conference on Advanced Information Networking and Applications. Institute of Electrical and Electronics Engineers Inc., 2013. p. 121-128.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A New Android Malware Detection Method Using Bayesian Classification

AU - Yerima, Suleiman Y.

AU - Sezer, Sakir

AU - McWilliams, Gavin

AU - Muttik, Igor

PY - 2013/3

Y1 - 2013/3

N2 - Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.

AB - Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.

U2 - 10.1109/AINA.2013.88

DO - 10.1109/AINA.2013.88

M3 - Conference contribution

SP - 121

EP - 128

BT - 2013 IEEE 27th International Conference on Advanced Information Networking and Applications

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA)

Y2 - 25 March 2013 through 29 March 2013

ER -

A New Android Malware Detection Method Using Bayesian Classification

Abstract

Conference

Access to Document

Fingerprint

Projects

R1118ECI: Centre for Secure Information Technologies (CSIT)

Cite this