Graph-based malware detection on the Android phones
With Android being the most popular smartphone operating system, it has become the main target to launch malware. The consequence can be severe once the smartphone is infected with malware. Therefore it is crucial that Android application market operators can effectively identify malware on the mark...
Main Author: | Neo, Sunny Yong Kwang |
---|---|
Other Authors: | School of Computer Engineering |
Format: | Final Year Project |
Language: | English |
Published: | 2014 |
Subjects: | DRNTU::Engineering::Computer science and engineering::Computing methodologies::Document and text processing |
Online Access: | http://hdl.handle.net/10356/58922 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-58922 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-58922 2023-03-03T20:49:25Z Graph-based malware detection on the Android phones Neo, Sunny Yong Kwang School of Computer Engineering Asst Prof Liu Yang DRNTU::Engineering::Computer science and engineering::Computing methodologies::Document and text processing Bachelor of Engineering (Computer Science) 2014-04-14T02:00:54Z 2014-04-14T02:00:54Z 2014 2014 Final Year Project (FYP) http://hdl.handle.net/10356/58922 en Nanyang Technological University 50 p. application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
DRNTU::Engineering::Computer science and engineering::Computing methodologies::Document and text processing |
description |
With Android being the most popular smartphone operating system, it has become the main target for malware. The consequences can be severe once a smartphone is infected with malware. Therefore, it is crucial that Android application market operators can effectively identify malware on the market. However, with malware getting increasingly sophisticated, traditional antivirus has lost its edge against it. As a result, there is a need to explore alternative malware detection techniques that can detect malware and its variants efficiently and effectively. One way is through the use of the Program Dependency Graph (PDG). With it, we can exploit semantic information that is difficult to alter even when the malware deploys code obfuscation. However, the use of the PDG through a graph matching algorithm is not feasible, because subgraph isomorphism is an NP-complete problem and hence there is a scalability issue. From here, we seek to explore different approaches to utilizing the PDG while making it scalable. The two main approaches are a filtering approach, to reduce the number of graphs to be matched, and the use of data mining and feature analysis of PDG structural information. After some evaluation, it is deemed that, even after applying the filtering approach, the use of the PDG is still not feasible: experiments have been conducted to query 7 malicious methods from 6 different malwares against 11 malwares (inclusive of the previous 6), and the filtering approach could not find any match within 10 minutes for each query. Therefore, the focus has been shifted to the data mining and feature analysis approach. |
author2 |
School of Computer Engineering |
author_facet |
School of Computer Engineering Neo, Sunny Yong Kwang |
format |
Final Year Project |
author |
Neo, Sunny Yong Kwang |
title |
Graph-based malware detection on the Android phones |
publishDate |
2014 |
url |
http://hdl.handle.net/10356/58922 |
_version_ |
1759855436559810560 |