Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
4957500 | Pervasive and Mobile Computing | 2016 | 33 Pages |
Abstract
The drastic increase in Android malware has led to strong interest in automating malware analysis. In this paper, to fight against malware variants and zero-day malware, we propose DroidChain: a method combining static analysis and a behavior chain model. We transform the malware detection problem into a more accessible matrix form. Using this method, we propose four kinds of malware models, including privacy leakage, SMS financial charges, malware installation, and privilege escalation. To reduce time complexity, we propose the WxShall-extend algorithm. We have moved the prototype to GitHub and evaluated it using 1260 malware samples. Experimental malware detection results demonstrate accuracy, precision, and recall of 73%-93%, 71%-99%, and 42%-92%, respectively. Calculation time accounts for 6.58% of the well-known Warshall algorithm's expense. Results demonstrate that our method, which can detect four kinds of malware simultaneously, is better than Androguard and Kirin.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Zhaoguo Wang, Chenglong Li, Zhenlong Yuan, Yi Guan, Yibo Xue