{"title":"Banking Trojans APK Detection using Formal Methods","authors":"Nitesh Kumar, Vinay Kumar, Manish Gaur","doi":"10.1109/ISCON47742.2019.9036319","DOIUrl":null,"url":null,"abstract":"Nowadays, malware attacks are increasing for mobile devices because of the smartphones became requisite in usual activities for almost everyone. The Android operating system has grown the conventional OS for mobile devices in all places. Due to the open-source term of Android, these devices are mostly targeted by the attackers. Malware author uses various techniques to insert the bad code (instructions) into the clean application so that it performs malicious behavior. The modern signature-based anti-malware system may confuse the detection system by minor code transformations. To overcome the above issues this work analyzes the Java Bytecode instructions present in the class files extracted from the Android application files. The calculus of communicating systems (CCS) process model is generated using these Java Bytecode instructions by referring to a new process for each instruction of Java Bytecode. The malicious behavior properties are defined to verify the application files after invoking a formal verification tool for detection of Android Banking Trojans malware family. 
The experimental results show that our approach can detect Banking Trojans malware family with 98.91 % of accuracy.","PeriodicalId":124412,"journal":{"name":"2019 4th International Conference on Information Systems and Computer Networks (ISCON)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 4th International Conference on Information Systems and Computer Networks (ISCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCON47742.2019.9036319","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 1
Abstract
Malware attacks on mobile devices are increasing because smartphones have become a requisite in almost everyone's usual activities. The Android operating system has become the conventional OS for mobile devices everywhere. Because Android is open source, these devices are the ones attackers mostly target. Malware authors use various techniques to insert bad code (instructions) into a clean application so that it performs malicious behavior. Modern signature-based anti-malware systems can be confused by minor code transformations. To overcome these issues, this work analyzes the Java bytecode instructions present in the class files extracted from Android application files. A calculus of communicating systems (CCS) process model is generated from these Java bytecode instructions, with a new process for each bytecode instruction. Malicious behavior properties are defined, and a formal verification tool is invoked to verify the application files against them in order to detect the Android Banking Trojans malware family. The experimental results show that our approach can detect the Banking Trojans malware family with 98.91% accuracy.