期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2014
卷号:8
期号:1
页码:231-246
DOI:10.14257/ijsia.2014.8.1.22
出版社:SERSC
摘要:Due to the openness of the Android-based open market, the distribution of malicious applications developed by attackers is increasing rapidly. In order to reduce the damage caused by the malicious applications, the mechanism that allows more accurate way to determine normal apps and malicious apps for common mobile devices should be developed. In this paper, the normal system call event patterns were analyzed from the most highly used game app in the Android open market, and the malicious system call event patterns were also analyzed from the malicious game apps extracted from 1260 malware samples distributed by Android MalGenome Project. Using the Strace tool, system call events are aggregated from normal and malicious apps. And analysis of relevance to each event set was performed. Through this process of analyzing the system call events, we can extract a similarity to determine whether any given app is malicious or not.
关键词:Android; System call events; Similarity analysis; Mobile Application; Malicious ; App.; Event pattern