Tuesday, March 26, 2013
Rules for Android Malware Detection
Deceiving Permissions - Rules for Android Malware Detection.

This PDF covers the Android malware ecosystem, including SMS senders (Andr/AdSMS), information stealers (Andr/SMSRep), phishing (fake mobile banking software), privilege escalation exploits (DroidDream), and Zeus for Android (Zitmo). It also includes a graph of discovered Android malware samples and material on Android content detection and the mobile security ecosystem.

Mining for attributes: data mining, classification, clustering, attribute evaluation (125 attributes), finding attribute combinations for suspicious APK detection, and the WEKA toolkit. The data mining process consists of collecting and normalizing data, finding appropriate algorithms, analysing results, and creating rules.

The conclusions of the business paper are: Android malware numbers are increasing exponentially; complexity is increasing (obfuscation, polymorphism); single permissions and combinations are (not) good alone; certificate reputation is significant; and more attributes are to be added in future research.