TRAPDROID: bare-metal android malware behavior analysis framework

Alptekin, Halit and Yıldızlı, Can and Savaş, Erkay and Levi, Albert (2019) TRAPDROID: bare-metal android malware behavior analysis framework. In: 21st International Conference on Advanced Communication Technology (ICACT), PyeongChang, South Korea

[thumbnail of trapdroidICACT.pdf] PDF
trapdroidICACT.pdf
Restricted to Registered users only

Download (1MB) | Request a copy

Abstract

In the realm of mobile devices, malicious applications pose considerable threats to individuals, companies and governments. Cyber security researchers are in a constant race against malware developers and analyze their new methods to exploit them for better detection. In this paper, we present TRAPDROID, a dynamic malware analysis framework mostly focused on capturing unified behavior profiles of applications by analyzing them on physical devices in real-time. Our framework processes events, which are collected from system calls, binder communications, process stats, and hardware performance counters and combines them into a simple, yet meaningful behavior format. We evaluated our framework's detection rate and performance by analyzing an up-to-date malware dataset, which also contains specially crafted applications with malicious intent. The framework is easy to use, fast and providing high accuracy in malware detection with relatively low overhead.
Item Type: Papers in Conference Proceedings
Uncontrolled Keywords: mobile malware; dynamic analysis; android
Divisions: Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng.
Faculty of Engineering and Natural Sciences
Depositing User: Albert Levi
Date Deposited: 27 Aug 2019 11:54
Last Modified: 22 Jul 2023 16:26
URI: https://research.sabanciuniv.edu/id/eprint/38104

Actions (login required)

View Item
View Item