Flow anomaly based intrusion detection system for Android mobile devices

Abstract

The penetration of the modern mobile devices is progressively gaining ground in today's cognitive applications and services. Several applications have become part of the smartphone capabilities such as e-mail monitoring, Internet browsing, social networks activities, etc. However, the increased computation and storage capabilities of smartphones have attracted more and more cyber attacks in terms of writing mobile malware for various purposes. In this paper, we present an intrusion detection system (IDS) for detecting the anomaly behaviors in Android mobile devices. The IDS continuously monitors the network traffic of the mobile device and collects various features of the NetFlows. An artificial neural network (ANN) gathers the data flows and determines whether there is an invasion or not. The proposed IDS is demonstrated in realistic conditions, where the accuracy of the systems reaches 85%.