Android OS Security: Heuristic based approach to detect Malicious Apps

Abstract

The number of Android-based smartphones and their users is growing rapidly. These smartphones are used mostly for security-critical applications, whether private or business (e.g. online banking, accessing corporate networks). The increased usage of these devices and applications makes them a very valuable target for an attacker. These attacks are becoming more sophisticated and successful, though many significant or large-scale attacks have failed. Thus, security is of principal importance for both private and corporate users. The popularity and adoption of smartphones has greatly stimulated the spread of mobile malware, which targets the most widely distributed and popular platforms such as Android [1]. In light of this rapid growth, effective solutions are needed. However, our defense capability is largely constrained by the limited understanding of this emerging mobile malware and the lack of timely access to related samples. In this paper, we focus mainly on the Android platform and aim to characterize existing Android malware. In addition to systematically characterizing Android malware by its installation methods, activation mechanisms and the nature of the malicious payloads it carries, we propose a permission-based [2] behavioral heuristic detection approach that can in turn be used to detect new samples of Android malware. We will also design a heuristics-based filtering scheme to identify certain inherent behaviors of unknown malicious families. These results clearly lead to the development of next-generation anti-mobile-malware solutions.

Keywords: Android, malware, Smart phone, security, Linux, Architecture, Kernel, Design, Performance, content providers
International Journal of Research and Development, ISSN: 2279-073x
www.ijrdonline.com, Volume II Issue I
Yogesh P. Patil, Navnath D. Kale, Yogesh B. Gurav, Sandeep U. Kadam
TSSM’s Padmabhooshan Vasantdada Patil Institute of Technology, Bavdhan, Pune
Nitin P. Patil
Department of Computer Science, University of Pune, Pune
1. Introduction
Android is a mobile operating system based on the Linux kernel. Android application developers write mainly in the Java language. When an Android app is built, the compiler compiles the developer's Java files into class files, and the class files are then converted into a DEX file. DEX files contain bytecode for the Dalvik VM, a non-standard JVM that runs on the Android platform. The XML files are converted into a binary format that is optimized for small file size. The binary XML files, the DEX files and the other resources required to run an application are bundled into an Android package file with the extension .apk. APK files [4] are ZIP files. Once the APK package [4] is generated, it must be signed with a developer's key and uploaded to the Android market via Google's website, from where users can download the APK file and install it on an Android device. There are currently more than 7,00,000 downloadable applications in the central repository of Android applications run by Google, and Android applications can also be downloaded from other third-party sites.
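The package layout described above can be checked mechanically before any deeper analysis. The following is an added example, not code from the paper: it opens an APK as a ZIP archive and verifies the DEX magic, the binary XML header of `AndroidManifest.xml`, and the presence of JAR (v1) signature files. The function names and the sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

DEX_MAGIC = b"dex\n"                      # followed by a 3-digit version and a NUL byte
AXML_CHUNK_TYPE = 0x0003                  # first chunk type of a compiled (binary) XML file
V1_SIG_SUFFIXES = (".RSA", ".DSA", ".EC")  # JAR (v1) signature blocks only


def inspect_apk(data: bytes) -> dict:
    """Return structural findings for an APK given as raw bytes."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return {"is_zip": False, "issues": ["not a ZIP archive"]}
    report = {"is_zip": True, "dex": [], "binary_manifest": False,
              "v1_signature_files": [], "issues": []}
    with zipfile.ZipFile(io.BytesIO(data)) as apk:
        for name in apk.namelist():
            upper = name.upper()
            if name.endswith(".dex") and "/" not in name:
                head = apk.read(name)[:8]
                ok = head[:4] == DEX_MAGIC and head[4:7].isdigit() and head[7:8] == b"\x00"
                report["dex"].append((name, ok))
                if not ok:
                    report["issues"].append(f"{name}: bad DEX magic")
            elif name == "AndroidManifest.xml":
                head = apk.read(name)[:4]
                if len(head) == 4:
                    chunk_type, header_size = struct.unpack("<HH", head)
                    report["binary_manifest"] = (chunk_type, header_size) == (AXML_CHUNK_TYPE, 8)
            elif upper.startswith("META-INF/") and upper.endswith(V1_SIG_SUFFIXES):
                report["v1_signature_files"].append(name)
    if not report["dex"]:
        report["issues"].append("no top-level .dex file")
    if not report["binary_manifest"]:
        report["issues"].append("AndroidManifest.xml missing or not binary XML")
    if not report["v1_signature_files"]:
        report["issues"].append("no JAR (v1) signature block in META-INF")
    return report


def build_sample_apk(signed: bool = True) -> bytes:
    """Constructed, minimal stand-in for an APK (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 32)
        z.writestr("AndroidManifest.xml", struct.pack("<HHI", 3, 8, 8))
        if signed:
            z.writestr("META-INF/CERT.RSA", b"constructed placeholder")
    return buf.getvalue()
```

The check only confirms that signature files exist; it does not verify them, and newer APK signature schemes store the signature outside `META-INF`, so a missing v1 entry is a prompt for further inspection rather than proof that the package is unsigned.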
Use of smartphones has increased exponentially and we are increasingly relying on smartphones for operations like accessing online information, making payments, playing games, using utility applications etc., that were once performed only