Open AccessBook Chapter10.1007/978-3-319-11698-3_43

Capturing Android Malware Behaviour Using System Flow Graph

- 15 Oct 2014

- pp 534-541

TL;DR: This article uses a new data structure namely System Flow Graph that offers a compact representation of information dissemination induced by an execution of an application to characterize malicious application behavior and lead some experiments on 4 malware families.

Abstract: This article uses a new data structure namely System Flow Graph (SFG) that offers a compact representation of information dissemination induced by an execution of an application to characterize malicious application behavior and lead some experiments on 4 malware families DroidKungFu1, DroidKungFu2, jSMSHider, BadNews. We show how SFG are relevant to exhibit malware behavior.

AI Agents for this Paper

Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps

Most frequently asked questions

1. What are the contributions mentioned in the paper "Capturing android malware behaviour using system flow graph" ?

This article uses a new data structure namely System Flow Graph ( SFG ) that offers a compact representation of information dissemination induced by an execution of an application to characterize malicious application behavior and lead some experiments on 4 malware families DroidKungFu1, DroidKungFu2, jSMSHider, BadNews.. The authors show how SFG are relevant to exhibit malware behavior.

2. What are the future works mentioned in the paper "Capturing android malware behaviour using system flow graph" ?

In future work, the authors plan to use these signatures in a new form of malware detection engine.

Citations

•Book

Detection of Intrusions and Malware, and Vulnerability Assessment

Bernhard M. Hämmerli, +1 more

- 01 Jan 2008

254

Journal Article•10.1080/17517575.2021.2023764

A comprehensive survey on machine learning approaches for malware detection in IoT-based enterprise information system

Akshat Gaurav, +2 more

- 07 Jan 2022

- Enterprise Information Systems

TL;DR: A detailed survey of machine learning algorithms for detecting malware in business information systems powered by the Internet of Things can be found in this article , where a variety of attack mitigation approaches for detecting harmful malware embedded in an Android application operating on an IoT device.

...read moreread less

132

•Journal Article•10.1109/ACCESS.2019.2918139

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Wei Wang, +6 more

- 22 May 2019

- IEEE Access

TL;DR: This paper provides a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features, and highlights the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

...read moreread less

109

Journal Article•10.1109/JIOT.2019.2909745

EveDroid: Event-Aware Android Malware Detection Against Model Degrading for IoT Devices

Tao Lei, +4 more

- 09 Apr 2019

- IEEE Internet of Things Journal

TL;DR: EveDroid is proposed, a scalable and event-aware Android malware detection system, which exploits the behavioral patterns in different events to effectively detect new malware based on the insight that events can reflect apps’ possible running activities.

...read moreread less

106

•Book Chapter•10.1007/978-3-030-02450-5_11

CDGDroid:: Android Malware Detection Based on Deep Learning Using CFG and DFG

Zhiwu Xu, +4 more

- 12 Nov 2018

TL;DR: CDGDroid is proposed, an effective approach for Android malware detection based on deep learning that identifies that the classification model taking the horizontal combination of CFG and DFG as features offers the best performance in terms of accuracy among all combinations.

...read moreread less

...

Expand

References

Journal Article•10.1145/2619091

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

William Enck, +8 more

- 01 Jun 2014

- ACM Transactions on Computer Systems

TL;DR: TaintDroid as mentioned in this paper is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data by leveraging Android's virtualized execution environment.

...read moreread less

3.3K

•Proceedings Article•10.5555/1924943.1924971

TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

William Enck, +6 more

- 04 Oct 2010

TL;DR: Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, this work found 68 instances of misappropriation of users' location and device identification information across 20 applications.

...read moreread less

2.5K

•Proceedings Article•10.1109/SP.2012.16

Dissecting Android Malware: Characterization and Evolution

Yajin Zhou, +1 more

- 20 May 2012

TL;DR: Systematize or characterize existing Android malware from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software.

...read moreread less

2.4K

Proceedings Article•10.1145/1315245.1315261

Panorama: capturing system-wide information flow for malware detection and analysis

Heng Yin, +4 more

- 28 Oct 2007

TL;DR: This work proposes a system, Panorama, to detect and analyze malware by capturing malicious information access and processing behavior, which separates these malicious applications from benign software.

...read moreread less

864

•Proceedings Article

DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis

Lok Kwong Yan, +1 more

- 08 Aug 2012

TL;DR: DroidScope is presented, an Android analysis platform that continues the tradition of virtualization-based malware analysis and reconstructs both the OS-level and Java-level semantics simultaneously and seamlessly.

...read moreread less

835

...

Expand

Capturing Android Malware Behaviour Using System Flow Graph

Chat with Paper

AI Agents for this Paper

Most frequently asked questions

1. What are the contributions mentioned in the paper "Capturing android malware behaviour using system flow graph" ?

2. What are the future works mentioned in the paper "Capturing android malware behaviour using system flow graph" ?

Figures

Citations

Detection of Intrusions and Malware, and Vulnerability Assessment

A comprehensive survey on machine learning approaches for malware detection in IoT-based enterprise information system

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

EveDroid: Event-Aware Android Malware Detection Against Model Degrading for IoT Devices

CDGDroid:: Android Malware Detection Based on Deep Learning Using CFG and DFG

References

TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones

TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones

Dissecting Android Malware: Characterization and Evolution

Panorama: capturing system-wide information flow for malware detection and analysis

DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic Android malware analysis

Related Papers (5)

Detection and Identification of Android Malware Based on Information Flow Monitoring

API Sequences Based Malware Detection for Android

Malware analysis method using visualization of binary files

EntropLyzer: Android Malware Classification and Characterization Using Entropy Analysis of Dynamic Characteristics

Malware behavior image for malware variant identification