SaaS: A situational awareness and analysis system for massive android malware detection

Zhang, Yaocheng, Ren, Wei, Zhu, Tianqing and Ren, Yi ORCID: https://orcid.org/0000-0001-7423-6719 (2019) SaaS: A situational awareness and analysis system for massive android malware detection. Future Generation Computer Systems, 95. pp. 548-559. ISSN 0167-739X

PDF (Accepted_Manuscript) - Accepted Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.

Abstract

A large number of mobile applications (Apps) are uploaded, distributed and updated every day in various Android markets, e.g., Google Play and Huawei AppGallery. One of the ongoing challenges in the daily security management of Android App markets is to detect malicious Apps (also known as malware) among those massive newcomers accurately and efficiently. Customers rely on those detection results when selecting Apps to download, and undetected malware may result in great damage. In this paper, we propose a cloud-based malware detection system called SaaS that combines multiple approaches from diverse domains such as natural language processing (n-gram), image processing (GLCM), cryptography (fuzzy hash), machine learning (random forest) and complex networks. We first extract n-gram features and GLCM features from an App's smali code and DEX file, respectively. We next feed those features into a training data set to create a machine learning detection model. The model is further enhanced by fuzzy hash to detect whether an inspected App is repackaged or not. Extensive experiments (involving 1495 samples) demonstrate that the detection accuracy is more than 98.5% and that the system supports large-scale detection and monitoring. In addition, our proposed system can be deployed as a service in clouds, and customers can access cloud services on demand.

Item Type: Article
Uncontrolled Keywords: cloud, fuzzy hash, glcm, machine learning, n-gram, software, hardware and architecture, computer networks and communications
Faculty \ School: Faculty of Science > School of Computing Sciences
UEA Research Groups: Faculty of Science > Research Groups > Smart Emerging Technologies
Depositing User: LivePure Connector
Date Deposited: 30 Apr 2019 12:30
Last Modified: 21 Oct 2022 22:34
URI: https://ueaeprints.uea.ac.uk/id/eprint/70752
DOI: 10.1016/j.future.2018.12.028
