Go to OpenReview Archive homepage Detecting Targeted Smartphone Malware with Behavior-Triggering Stochastic Models
Abstract: Malware for current smartphone platforms is becoming increasingly sophisticated. The presence of advanced networking and sensing functions in the device is giving rise to a new generation of targeted
malware characterized by a more situational awareness, in which decisions are made on the basis of factors such as the device location, the
user profile, or the presence of other apps. This complicates behavioral
detection, as the analyst must reproduce very specific activation conditions in order to trigger malicious payloads. In this paper, we propose
a system that addresses this problem by relying on stochastic models of
usage and context events derived from real user traces. By incorporating the behavioral particularities of a given user, our scheme provides a
solution for detecting malware targeting such a specific user. Our results
show that the properties of these models follow a power-law distribution: a fact that facilitates an efficient generation of automatic testing
patterns tailored for individual users, when done in conjunction with a
cloud infrastructure supporting device cloning and parallel testing. We
report empirical results with various representative case studies, demonstrating the effectiveness of this approach to detect complex activation
patterns.
0 Replies
Loading