Conference Paper

Intelligent virus detection on mobile devices.

DOI: 10.1145/1501434.1501511
Conference: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services, PST 2006, Markham, Ontario, Canada, October 30 - November 1, 2006
Source: DBLP

ABSTRACT In this paper, we describe a new solution for detecting mobile phone viruses. The solution is based on Bayesian decision theory using heuristic rules derived from common functionalities among different virus samples. Specifically, we detect viruses according to the DLL usage of a program, which is directly linked to the functionality of this program. Our solution is able to detect unknown viruses, especially the variants of existing ones. We evaluate our solution on the Symbian platform, where most viruses are present in the wild. We constructed a virus detector based on DLL functions from a small set of virus samples. It detects 95% of mobile viruses and yields no false alarm.

  • ABSTRACT: Nowadays, mobile devices are an important part of our everyday lives since they enable us to access a large variety of ubiquitous services. In recent years, the availability of these ubiquitous and mobile services has significantly increased due to the different forms of connectivity provided by mobile devices, such as GSM, GPRS, Bluetooth and Wi-Fi. In the same trend, the number and typologies of vulnerabilities exploiting these services and communication channels have increased as well. Therefore, smartphones may now represent an ideal target for malware writers. As the number of vulnerabilities and, hence, of attacks increases, there has been a corresponding rise of security solutions proposed by researchers. Due to the fact that this research field is immature and still unexplored in depth, with this paper we aim to provide a structured and comprehensive overview of the research on security solutions for mobile devices. This paper surveys the state of the art on threats, vulnerabilities and security solutions over the period 2004-2011, by focusing on high-level attacks, such as those to user applications. We group existing approaches aimed at protecting mobile devices against these classes of attacks into different categories, based upon the detection principles, architectures, collected data and operating systems, especially focusing on IDS-based models and tools. With this categorization we aim to provide an easy and concise view of the underlying model adopted by each approach.
    IEEE Communications Surveys & Tutorials 01/2013; 15(1):446-471. · 6.49 Impact Factor
  • ABSTRACT: SEIP is a simple and efficient but yet effective solution for the integrity protection of real-world cellular phone platforms, which is motivated by the disadvantages of applying traditional integrity models on these performance and user experience constrained devices. The major security objective of SEIP is to protect trusted services and resources (e.g., those belonging to cellular service providers and device manufacturers) from third party code. We propose a set of simple integrity protection rules based upon open mobile operating system environments and respective application behaviors. Our design leverages the unique features of mobile devices, such as service convergence and limited permissions of user installed applications, and easily identifies the borderline between trusted and untrusted domains on mobile platforms. Our approach thus significantly simplifies policy specifications while still achieving a high assurance of platform integrity. SEIP is deployed within a commercially available Linux-based smartphone and demonstrates that it can effectively prevent certain malware. The security policy of our implementation is less than 20kB, and a performance study shows that it is lightweight.
    12/2010: pages 107-125;
  • ABSTRACT: The malware threat for mobile phones is expected to increase with the great functionality enhancement of mobile phones. Despite the high abilities of today's malware, there are a lot of challenges facing the mobile threat containment process. From this perspective, this work introduces a novel effective solution for discovering handset malware threats. The work proposed a new behavior based technique for mobile application analysis, which is based on exploiting the application DLL usages, in order to extract values that can be used in a malware detection process. The technique is highly expected to be able to detect zero day viruses that have similar functionalities to existing ones. Also, since these DLL functions are easy to extract from the executable files, the approach is computationally efficient.
    Computer and Information Science 02/2012; 5(2).
