Paper Info
Title
Runtime Classification of Mobile Malware for Resource-Constrained Devices.
Abstract
In the resource-constrained and battery-operated environment of mobile devices accurate detection of malware and discrimination between diverse types of existing malware are challenging tasks and most of the currently proposed solutions are focused on only one of the mentioned aspects. In this work, we propose a solution that is able to detect malware that appears at runtime and, at the same time, provides useful information to discriminate between diverse types of malware while taking into account limited resources of mobile devices. On device we monitor a set of the most representative features for presence of malware and use a detection algorithm of low complexity that provides an alarm if malware infection is observed. When the malware detection module raises an alarm, we analyse a set of previously stored information relevant for malware classification, in order to understand what type of malware is being executed. In order to achieve low consumption, we minimize the set of observed system parameters to only the most informative ones for both detection and classification and we offload part of the calculations related to discrimination between diverse types of malware to an external server. Our results show that dynamic features that we take into account ( memory, CPU, and network) reflect well the behavior of the observed system and can be used to detect malware executions on a mobile device and to perform its classification.
Year
DOI
Venue
2016
10.1007/978-3-319-67876-4_10
Communications in Computer and Information Science
Field
DocType
Volume
Mobile malware,World Wide Web,Computer security,Computer science,Mobile device,Malware
Conference
764
ISSN
Citations 
PageRank 
1865-0929
0
0.34
References 
Authors
8
3
Name
Order
Citations
PageRank
Jelena Milosevic1184.79
Miroslaw Malek21857149.63
Alberto Ferrante37813.68