Article
Computer Science, Artificial Intelligence
Mario Luca Bernardi, Marta Cimitile, Fabrizio Maria Maggi
Summary: This study uses a multi-perspective declarative language to model the behavior of malware and trusted applications, and identifies malware applications and evaluates their membership in malware families through system call traces. The empirical study shows that the approach performs well in identifying infected applications and evaluating their family membership, and exhibits high performance and robustness against code transformations and evasion techniques.
Article
Computer Science, Artificial Intelligence
Alejandro Guerra-Manzanares, Marcin Luckner, Hayretdin Bahsi
Summary: The study presents a novel method to detect and address concept drift in Android malware detection, maintaining high performance over an extended period and minimizing the need for model retraining efforts.
EXPERT SYSTEMS WITH APPLICATIONS
(2022)
Article
Computer Science, Information Systems
Alejandro Guerra-Manzanares, Hayretdin Bahsi, Sven Nomm
Summary: This study discusses the evolution of Android malware datasets, the impact of time variables, the significance of data sources, and key factors in building more effective, robust, and long-lasting Android malware detection systems.
COMPUTERS & SECURITY
(2021)
Article
Computer Science, Information Systems
Xiaofei Xing, Xiang Jin, Haroon Elahi, Hai Jiang, Guojun Wang
Summary: This paper proposes a novel malware detection model that combines grayscale image representation with an autoencoder network. The model achieves high accuracy and stability on an Android dataset, outperforming some traditional machine learning detection algorithms.
Review
Computer Science, Information Systems
Tejpal Sharma, Dhavleesh Rattan
Summary: Smartphones have become an essential necessity in daily life due to their widespread usage, but attackers are continuously developing new techniques to steal data, particularly related to privacy. This study aims to report a systematic literature review on malicious application detection in the Android operating system, identifying different techniques and categorizing features for investigation of malicious applications. The research highlights the need for new hybrid techniques to combat malware activities and provides recommendations for future research.
COMPUTER SCIENCE REVIEW
(2021)
Article
Computer Science, Artificial Intelligence
Renato Cordeiro de Amorim, Carlos David Lopez Ruiz
Summary: Finding meaningful clusters in drive-by-download malware data is challenging due to overlapping clusters and varying cardinality. Normalizing data with clustering algorithms may not prioritize more meaningful features over less meaningful ones. Introducing an iterative data pre-processing method that calculates the relevance of each feature within clusters can aid in increasing separation between clusters and improve average Silhouette width.
EXPERT SYSTEMS WITH APPLICATIONS
(2021)
Article
Automation & Control Systems
Xiaoheng Deng, Xinjun Pei, Shengwei Tian, Lan Zhang
Summary: The advent of 5G has brought new opportunities for Industrial Internet of Things (IoT) to leapfrog beyond current capabilities. However, the growing IoT has also attracted adversaries who develop new malware attacks on IoT applications. Deep-learning-based methods are expected to combat this sophisticated malware, but they are not feasible for battery-powered end devices like Android smartphones. Edge computing enables near-real-time analysis of IoT data by shifting computation-intensive tasks to nearby edge servers. However, coordinating the task offloading among multiple users is challenging due to varying channel conditions and latency requirements. To address these challenges, we propose a hierarchical security framework for IoT malware detection that leverages the computation capacity and proximity benefits of edge computing. We also provide a delay-aware computational offloading strategy and construct a coordinated representation learning model, called Two-Stream Attention-Caps, to capture evolving malware attack patterns. Experimental results demonstrate superior detection performance compared to state-of-the-art systems on four benchmark datasets.
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS
(2023)
Article
Computer Science, Artificial Intelligence
Rui Zheng, Qiuyun Wang, Zhuopang Lin, Zhengwei Jiang, Jianming Fu, Guojun Peng
Summary: This paper proposes a cryptocurrency mining malware detection method called CMalHunt, which integrates heuristic rule features as a domain knowledge component in an ensemble learning framework. Experimental results show that CMalHunt outperforms baseline machine learning models, validating the effectiveness of feature type integration.
APPLIED SOFT COMPUTING
(2022)
Article
Computer Science, Information Systems
Kalupahana Liyanage Kushan Sudheera, Dinil Mon Divakaran, Rhishi Pratap Singh, Mohan Gurusamy
Summary: The fast-growing IoT market has brought about a significant threat landscape, as attacks on IoT devices consist of multiple stages and are dispersed spatially and temporally. Adept, a distributed framework, is proposed to detect and identify individual attack stages in a coordinated attack through monitoring network traffic, mining correlated patterns, and employing machine learning. Extensive experiments demonstrate the effectiveness of the framework in attack-stage detection and identification.
IEEE INTERNET OF THINGS JOURNAL
(2021)
Article
Computer Science, Information Systems
Gaofeng Zhang, Yu Li, Xudan Bao, Chinmay Chakarborty, Joel J. P. C. Rodrigues, Liping Zheng, Xuyun Zhang, Lianyong Qi, Mohammad R. Khosravi
Summary: In the era of smart healthcare, numerous smart devices are aiding cognitive computing in order to achieve lower costs and smarter diagnostics. The Android system is widely used in the IoMT field as the primary operating system. However, the rise of Android malware has become a major security concern in healthcare, posing serious threats such as private information leaks and misuse of critical operations. Existing methods focus on sustainable classification models but fail to consider the key factor of system API aging. This study proposes a novel framework, TSDroid, that combines temporal and spatial metrics for clustering and enhances malware detection.
ACM TRANSACTIONS ON SENSOR NETWORKS
(2023)
Article
Computer Science, Theory & Methods
Ruitao Feng, Sen Chen, Xiaofei Xie, Guozhu Meng, Shang-Wei Lin, Yang Liu
Summary: The current approach for Android malware detection relies on server-side scanning, yet a final defense line on mobile devices is still necessary. This paper introduces an effective real-time detection system on mobile devices, evaluating the impact of different parameters on detection performance.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY
(2021)
Article
Computer Science, Artificial Intelligence
Nektaria Potha, V. Kouliaridis, G. Kambourakis
Summary: The paper introduces a sophisticated Extrinsic Random-based Ensemble (ERBE) method for malware detection, showing that it can effectively improve detection results by utilizing multiple external instances and different classification features. Experimental results on AndroZoo benchmark corpora verify the suitability of a random-based heterogeneous ensemble for this task and exhibit the effectiveness of the method, in some cases improving the best reported results by more than 5%.
CONNECTION SCIENCE
(2021)
Article
Computer Science, Information Systems
Pakarat Musikawan, Yanika Kongsorot, Ilsun You, Chakchai So-In
Summary: Android-based mobile devices have become popular due to their ease of use and wide range of capabilities. However, this popularity has also attracted attackers who use sophisticated malware obfuscation and detection avoidance tactics. In this article, an improved deep neural network called AMDI-Droid is presented to safeguard Android devices from malicious apps. The model combines multiple hidden layers to learn effective feature representations and uses a blending approach to produce final predictions.
IEEE INTERNET OF THINGS JOURNAL
(2023)
Article
Engineering, Multidisciplinary
Jawad Ahmed, Hassan Habibi Gharakheili, Craig Russell, Vijay Sivaraman
Summary: This paper presents a system that combines Software Defined Networking (SDN) and machine learning for detecting infected hosts communicating with external C&C servers in enterprise networks. The system dynamically selects network flows for diagnosis by trained models in real-time, relying on behavioral traffic profiles. The paper highlights the prevalence and activity patterns of DGA-enabled malware and trains specialized classifier models using behavioral attributes of malware flows.
IEEE TRANSACTIONS ON NETWORK SCIENCE AND ENGINEERING
(2022)
Article
Automation & Control Systems
Bardia Esmaeili, Amin Azmoodeh, Ali Dehghantanha, Hadis Karimipour, Behrouz Zolfaghari, Mohammad Hammoudeh
Summary: This article introduces a method called stateful query analysis (SQA) for detecting black-box adversarial attacks in industrial Internet of Things (IIoT). The method analyzes sequences of queries received by a malware classifier to detect attacks and abort them before completion. Experimental results demonstrate a detection rate of 93.1% across various adversarial examples.
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS
(2022)
Article
Computer Science, Artificial Intelligence
Baojiang Cui, Haifeng Jin, Zheli Liu, Jiangdong Deng
JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING
(2015)
Proceedings Paper
Computer Science, Information Systems
Haifeng Jin, Qingquan Song, Xia Hu
2018 9TH IEEE INTERNATIONAL CONFERENCE ON BIG KNOWLEDGE (ICBK)
(2018)
Proceedings Paper
Computer Science, Theory & Methods
Baojiang Cui, Shanshan He, Haifeng Jin
2015 9TH INTERNATIONAL CONFERENCE ON INNOVATIVE MOBILE AND INTERNET SERVICES IN UBIQUITOUS COMPUTING IMIS 2015
(2015)