Alptekin, Halit and Yıldızlı, Can and Savaş, Erkay and Levi, Albert (2019) TRAPDROID: bare-metal android malware behavior analysis framework. In: 21st International Conference on Advanced Communication Technology (ICACT), PyeongChang, South Korea
PDF
trapdroidICACT.pdf
Restricted to Registered users only
Download (1MB) | Request a copy
trapdroidICACT.pdf
Restricted to Registered users only
Download (1MB) | Request a copy
Official URL: http://dx.doi.org/10.23919/ICACT.2019.8702030
Abstract
In the realm of mobile devices, malicious applications pose considerable threats to individuals, companies and governments. Cyber security researchers are in a constant race against malware developers and analyze their new methods to exploit them for better detection. In this paper, we present TRAPDROID, a dynamic malware analysis framework mostly focused on capturing unified behavior profiles of applications by analyzing them on physical devices in real-time. Our framework processes events, which are collected from system calls, binder communications, process stats, and hardware performance counters and combines them into a simple, yet meaningful behavior format. We evaluated our framework's detection rate and performance by analyzing an up-to-date malware dataset, which also contains specially crafted applications with malicious intent. The framework is easy to use, fast and providing high accuracy in malware detection with relatively low overhead.
Item Type: | Papers in Conference Proceedings |
---|---|
Uncontrolled Keywords: | mobile malware; dynamic analysis; android |
Divisions: | Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng. Faculty of Engineering and Natural Sciences |
Depositing User: | Albert Levi |
Date Deposited: | 27 Aug 2019 11:54 |
Last Modified: | 22 Jul 2023 16:26 |
URI: | https://research.sabanciuniv.edu/id/eprint/38104 |