StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware

Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security Pub Date : 2016-05-30 DOI:10.1145/2897845.2897860

Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, Haojin Zhu

{"title":"StormDroid: A Streaminglized Machine Learning-Based System for Detecting Android Malware","authors":"Sen Chen, Minhui Xue, Zhushou Tang, Lihua Xu, Haojin Zhu","doi":"10.1145/2897845.2897860","DOIUrl":null,"url":null,"abstract":"Mobile devices are especially vulnerable nowadays to malware attacks, thanks to the current trend of increased app downloads. Despite the significant security and privacy concerns it received, effective malware detection (MD) remains a significant challenge. This paper tackles this challenge by introducing a streaminglized machine learning-based MD framework, StormDroid: (i) The core of StormDroid is based on machine learning, enhanced with a novel combination of contributed features that we observed over a fairly large collection of data set; and (ii) we streaminglize the whole MD process to support large-scale analysis, yielding an efficient and scalable MD technique that observes app behaviors statically and dynamically. Evaluated on roughly 8,000 applications, our combination of contributed features improves MD accuracy by almost 10% compared with state-of-the-art antivirus systems; in parallel our streaminglized process, StormDroid, further improves efficiency rate by approximately three times than a single thread.","PeriodicalId":166633,"journal":{"name":"Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"162","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2897845.2897860","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 162

Abstract

Mobile devices are especially vulnerable nowadays to malware attacks, thanks to the current trend of increased app downloads. Despite the significant security and privacy concerns it received, effective malware detection (MD) remains a significant challenge. This paper tackles this challenge by introducing a streaminglized machine learning-based MD framework, StormDroid: (i) The core of StormDroid is based on machine learning, enhanced with a novel combination of contributed features that we observed over a fairly large collection of data set; and (ii) we streaminglize the whole MD process to support large-scale analysis, yielding an efficient and scalable MD technique that observes app behaviors statically and dynamically. Evaluated on roughly 8,000 applications, our combination of contributed features improves MD accuracy by almost 10% compared with state-of-the-art antivirus systems; in parallel our streaminglized process, StormDroid, further improves efficiency rate by approximately three times than a single thread.

查看原文本刊更多论文

StormDroid：基于流式机器学习的安卓恶意软件检测系统

由于当前应用程序下载量增加的趋势，移动设备如今特别容易受到恶意软件的攻击。尽管恶意软件的安全和隐私问题备受关注，但有效的恶意软件检测（MD）仍是一项重大挑战。本文通过引入基于机器学习的流式化恶意软件检测框架 StormDroid 来应对这一挑战：(i) StormDroid 的核心基于机器学习，并利用我们在相当大的数据集中观察到的贡献特征的新组合进行了增强；(ii) 我们将整个恶意软件检测过程流式化以支持大规模分析，从而产生了一种高效且可扩展的恶意软件检测技术，可静态和动态地观察应用程序的行为。在对大约 8000 个应用程序进行评估后发现，与最先进的杀毒系统相比，我们所贡献的特征组合提高了近 10% 的 MD 准确率；与此同时，我们的流式化流程 StormDroid 进一步提高了效率，比单线程提高了约三倍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security

自引率

0.00%

发文量