Share Email Print

Proceedings Paper

DroidDetector: a traffic-based platform to detect android malware using machine learning
Author(s): Jingya Shen; Zhenxiang Chen; Shanshan Wang; Yuhui Zhu; Muhammad Umair Hassan
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

With the rapid development of the mobile Internet,more and more people are using smart phones to access the Internet, especially Android devices, which have become the most popular devices of the moment. Although today's mobile operating systems do their best to provide users with a secure Internet environment, due to the open source nature of Android, it is still unable to completely stop the outbreak of Android malware. Although existing source-based static detection and behavior-based dynamic detection can identify mobile malware, many problems still exist,such as low detection efficiency and difficulty in deployment. In order to solve these problems, we propose DroidDetector, a detection engine that can automatically detect whether an app is a malware or not by using off-line trained machine learning models for network traffic analysis. DroidDetector uses the VPNService class provided by the Android SDK to intercept network traffic (it does not require root permission). All data analysis are performed on the server,which consumes minimun cache and resource on mobile devices. We extract the length of the first 8 packets of network traffic as features and use Support Vector Machine(SVM) classification algorithm to train the model. In an evaluation experiment of 53107 TCP packet length feature tuples samples, DroidDetector can achieve 95. 68% detection confidence.

Paper Details

Date Published: 26 July 2018
PDF: 9 pages
Proc. SPIE 10828, Third International Workshop on Pattern Recognition, 108280N (26 July 2018); doi: 10.1117/12.2501923
Show Author Affiliations
Jingya Shen, Univ. of Jinan (China)
Zhenxiang Chen, Univ. of Jinan (China)
Shanshan Wang, Univ. of Jinan (China)
Yuhui Zhu, Univ. of Jinan (China)
Muhammad Umair Hassan, Univ. of Jinan (China)

Published in SPIE Proceedings Vol. 10828:
Third International Workshop on Pattern Recognition
Xudong Jiang; Zhenxiang Chen; Guojian Chen, Editor(s)

© SPIE. Terms of Use
Back to Top