João Lopes, C. Serrão, Luís Nunes, Ana de Almeida, João Oliveira
{"title":"Android恶意软件识别的机器学习方法概述","authors":"João Lopes, C. Serrão, Luís Nunes, Ana de Almeida, João Oliveira","doi":"10.1109/ISDFS.2019.8757523","DOIUrl":null,"url":null,"abstract":"Mobile malware is growing and affecting more and more mobile users around the world. Malicious developers and organisations are disguising their malware payloads on apparently benign applications and pushing them to large app stores, such as Google Play Store, and from there to final users. App stores are currently losing the battle against malicious applications proliferation and existing malware. Detection methods based on signatures, such as those of an antivirus, are limited, new approaches based on machine learning start to be explored to surpass the limitations of traditional mobile malware detection methods, analysing not only static characteristics of the app but also its behaviour. This paper contains an overview of the existing machine learning mobile malware detection approaches based on static, dynamic and hybrid analysis, presenting the advantages and limitations of each, and a comparison between the reviewed methods.","PeriodicalId":247412,"journal":{"name":"2019 7th International Symposium on Digital Forensics and Security (ISDFS)","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"Overview of machine learning methods for Android malware identification\",\"authors\":\"João Lopes, C. Serrão, Luís Nunes, Ana de Almeida, João Oliveira\",\"doi\":\"10.1109/ISDFS.2019.8757523\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Mobile malware is growing and affecting more and more mobile users around the world. Malicious developers and organisations are disguising their malware payloads on apparently benign applications and pushing them to large app stores, such as Google Play Store, and from there to final users. App stores are currently losing the battle against malicious applications proliferation and existing malware. Detection methods based on signatures, such as those of an antivirus, are limited, new approaches based on machine learning start to be explored to surpass the limitations of traditional mobile malware detection methods, analysing not only static characteristics of the app but also its behaviour. This paper contains an overview of the existing machine learning mobile malware detection approaches based on static, dynamic and hybrid analysis, presenting the advantages and limitations of each, and a comparison between the reviewed methods.\",\"PeriodicalId\":247412,\"journal\":{\"name\":\"2019 7th International Symposium on Digital Forensics and Security (ISDFS)\",\"volume\":\"43 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 7th International Symposium on Digital Forensics and Security (ISDFS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISDFS.2019.8757523\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 7th International Symposium on Digital Forensics and Security (ISDFS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISDFS.2019.8757523","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 13
摘要
移动恶意软件正在增长,并影响着全球越来越多的移动用户。恶意开发者和组织将恶意软件伪装成良性应用,并将其推送到大型应用商店(如Google Play Store),再从那里传播给最终用户。应用程序商店目前在与恶意应用程序扩散和现有恶意软件的战斗中处于劣势。基于签名的检测方法,如反病毒软件的检测方法是有限的,基于机器学习的新方法开始被探索,以超越传统移动恶意软件检测方法的局限性,不仅分析应用程序的静态特征,还分析其行为。本文概述了现有的基于静态、动态和混合分析的机器学习移动恶意软件检测方法,介绍了每种方法的优点和局限性,并对所审查的方法进行了比较。
Overview of machine learning methods for Android malware identification
Mobile malware is growing and affecting more and more mobile users around the world. Malicious developers and organisations are disguising their malware payloads on apparently benign applications and pushing them to large app stores, such as Google Play Store, and from there to final users. App stores are currently losing the battle against malicious applications proliferation and existing malware. Detection methods based on signatures, such as those of an antivirus, are limited, new approaches based on machine learning start to be explored to surpass the limitations of traditional mobile malware detection methods, analysing not only static characteristics of the app but also its behaviour. This paper contains an overview of the existing machine learning mobile malware detection approaches based on static, dynamic and hybrid analysis, presenting the advantages and limitations of each, and a comparison between the reviewed methods.