E-viri
Recenzirano
-
Khalid, Saneeha; Hussain, Faisal Bashir
Expert systems with applications, 11/2024, Letnik: 253Journal Article
Android based smartphones have become a top target for malware writers due to their widespread use. A number of malicious applications are present on play stores and downloaded on daily basis, posing a significant threat to users’ personal and business data. As a result, the design of malware analysis frameworks is crucial in protecting the growing number of users who rely on their smart phones for routine and business tasks. The traditional signature based schemes for malware detection are unable to handle new and sophisticated malware. Furthermore, generic solutions based on static analysis schemes become less effective in the presence of obfuscated malware. In this study, a dynamic analysis based framework, VolMemDroid, for detecting malicious applications for Android is proposed. The framework extracts the volatile memory artifacts for profiling malicious Android applications. For this purpose, the memory forensic framework of volatility is utilized. A number of volatility plugins are analyzed for their compatibility w.r.t the Android platform and their ability in modeling the application’s behavior. After testing a number of plugins, chosen plugins are further processed for extraction of features. A comprehensive feature set for Android malware detection and categorization is proposed. It has been found that the suggested framework is effective for detecting Android malicious applications with an F1-score of 0.972, which is better than existing volatile memory based approaches for Android malware detection. The framework is also found to be effective in categorizing malicious Android applications into four distinct classes. •A novel data driven malware detection and categorization framework for Android.•Resilient against obfuscation by utilizing volatile memory-based features.•First study to profile Android apps using memory forensics framework of volatility.•Volatility Plugins are analyzed for generation of useful feature representations.•Comprehensive feature set is reported for effective Android application analysis.
Vnos na polico
Trajna povezava
- URL:
Faktor vpliva
Dostop do baze podatkov JCR je dovoljen samo uporabnikom iz Slovenije. Vaš trenutni IP-naslov ni na seznamu dovoljenih za dostop, zato je potrebna avtentikacija z ustreznim računom AAI.
Leto | Faktor vpliva | Izdaja | Kategorija | Razvrstitev | ||||
---|---|---|---|---|---|---|---|---|
JCR | SNIP | JCR | SNIP | JCR | SNIP | JCR | SNIP |
Baze podatkov, v katerih je revija indeksirana
Ime baze podatkov | Področje | Leto |
---|
Povezave do osebnih bibliografij avtorjev | Povezave do podatkov o raziskovalcih v sistemu SICRIS |
---|
Vir: Osebne bibliografije
in: SICRIS
To gradivo vam je dostopno v celotnem besedilu. Če kljub temu želite naročiti gradivo, kliknite gumb Nadaljuj.