Abstract:
Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dyna...Show MoreMetadata
Abstract:
Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dynamic analysis methods detect such applications by evaluating their behaviour during execution. However, such mechanisms may be ineffective as malware is often able to disable antimalware software. This paper presents the design of T2DROID, a dynamic analyser for Android that uses traces of Android API function calls and kernel syscalls, and that is protected from malware by leveraging the ARM TrustZone security extension. In our experimental evaluation T2DROID achieved accuracy and precision of 0.98 and 0.99, respectively, with a kNN classifier.
Published in: 2017 IEEE Trustcom/BigDataSE/ICESS
Date of Conference: 01-04 August 2017
Date Added to IEEE Xplore: 11 September 2017
ISBN Information:
Electronic ISSN: 2324-9013