A study of android malware detection techniques in virtual environment
详细信息 查看全文
- 作者:Hyun Mi Jung ; Ki-Bong Kim ; Han-Jin Cho
- 关键词:Android malware ; Virtual machine ; Analysis Android malware ; Android malware detection
- 刊名:Cluster Computing
- 出版年:2016
- 出版时间:December 2016
- 年:2016
- 卷:19
- 期:4
- 页码:2295-2304
- 全文大小:
- 刊物类别:Computer Science
- 刊物主题:Processor Architectures; Operating Systems; Computer Communication Networks;
- 出版者:Springer US
- ISSN:1573-7543
- 卷排序:19
文摘
With the rapid development of mobile environment, cyber-attacks have become more commonplace and more sophisticated. In smartphone operating system market, in particular, Android platform accounts for a large portion (65 % or higher). At the same time, malwares on the Android platform, has increased exponentially. This, such as mobile Internet service provider (ISP) operator and device manufacturers, have applied an anti-virus product. However, there exhibit a high false-positive rate to detect malwares because these are based on patterns or heuristic. To solve this problem, this study proposed and implemented Android malware detection techniques in virtual environment, using single physical machine. The proposed system is divided into a host system and virtual environment. The former features black market crawler designed to collect malware, hypervisor targeted for the communication and control of virtual machine and host machine and main module which transmits analysis file and result log to each system. In virtual environment, agent and emulator were implemented to analyze malware-suspicious application. This study implemented more active and faster Android malware detection techniques through black market crawling and Linux kernel-hooking mechanism.