文章基本信息

标题：On the Analysis and Detection of Mobile Botnet Applications
本地全文：下载
作者：Ahmad Karim ; Rosli Salleh ; Muhammad Khurram Khan 等
期刊名称：Journal of Universal Computer Science
印刷版ISSN：0948-6968
出版年度：2016
卷号：22
期号：4
页码：567-588
DOI：10.3217/jucs-022-04-0567
出版社：Graz University of Technology and Know-Center
摘要：Mobile botnet phenomenon is gaining popularity among malware writers in order to exploit vulnerabilities in smartphones. In particular, mobile botnets enable illegal access to a victim's smartphone, can compromise critical user data and launch a DDoS attack through Command and Control (C&C). In this article, we propose a static analysis approach, DeDroid, to investigate botnet-specific properties that can be used to detect mobile applications with botnet intensions. Initially, we identify critical features by observing code behavior of the few known malware binaries having C&C features. Then, we compare the identified features with the malicious and benign applications of Drebin dataset. The results show against the comparative analysis that, Drebin dataset has 35% malicious applications which qualify as botnets. Upon closer examination, 90% of the potential botnets are confirmed as botnets. Similarly, for comparative analysis against benign applications having C&C features, DeDroid has achieved adequate detection accuracy. In addition, DeDroid has achieved high accuracy with negligible false positive rate while making decision for state-of-the-art malicious applications.
关键词：botnet detection; botware; malware; mobile botnet; mobile malware detection