ANDROID MALWARE DETECTION APPROACHES
Year 2017, Volume: 3 Issue: 2, 48 - 58, 31.12.2017
İBRAHİM ALPER Doğru, CEREN ASLANALP Dinçer
Abstract
With the growing functionality of mobile applications, mobile devices have become indispensable in both business and daily life. Under the bring-your-own-device business model, these devices connect to the networks of businesses and public institutions, carrying all the risks of malware into the organization with them. Malicious behavior has begun to pose a serious threat to both institutions and individuals through unauthorized access to information and to the device. Because of its open-source kernel policy, Android is a platform far more exposed to these threats. Detection mechanisms are being developed to detect this malware and take countermeasures; in response, malware developers aim to evade these detection techniques with powerful techniques such as transformation. In this study, different works presenting Android malware detection approaches are examined, and these works are compared against various criteria.