基于恶意软件检测的移动互联网数据包挖掘

2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing Pub Date : 2014-11-08 DOI:10.1109/3PGCIC.2014.98

Haifeng Jin, Baojiang Cui, Jianxin Wang

{"title":"基于恶意软件检测的移动互联网数据包挖掘","authors":"Haifeng Jin, Baojiang Cui, Jianxin Wang","doi":"10.1109/3PGCIC.2014.98","DOIUrl":null,"url":null,"abstract":"With the fast development of mobile devices, the volume of mobile internet traffic increased dramatically. Various information is potential to be mined from it. In this paper, the large-scale mobile internet traffic is employed to protect end-users from mobile malwares that emerge at a similar speed to that of mobile internet. Traditional mobile malware detection methods often inevitably consume the limited battery life and computing resource of the end device. To solve these problems, a novel framework, Mining Mobile Internet Packets for Malware Detection (MMIP-MD), is proposed. Since the new technology of format preserving encryption (FPE) made the data of mobile internet traffic from telecommunication operators accessible and minable without leaking end-users' privacies, the framework thus aims feasibly at detecting mobile malwares using the traffic data only, which moves the detection from the end device to the internet side. It has good extensibility since a variety of mining algorithms can be applied on this framework to discover behavioral patterns of malwares. In addition, a real example of Bayes classification was implemented to illustrate the framework and test its feasibility.","PeriodicalId":395610,"journal":{"name":"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Mining Mobile Internet Packets for Malware Detection\",\"authors\":\"Haifeng Jin, Baojiang Cui, Jianxin Wang\",\"doi\":\"10.1109/3PGCIC.2014.98\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the fast development of mobile devices, the volume of mobile internet traffic increased dramatically. Various information is potential to be mined from it. In this paper, the large-scale mobile internet traffic is employed to protect end-users from mobile malwares that emerge at a similar speed to that of mobile internet. Traditional mobile malware detection methods often inevitably consume the limited battery life and computing resource of the end device. To solve these problems, a novel framework, Mining Mobile Internet Packets for Malware Detection (MMIP-MD), is proposed. Since the new technology of format preserving encryption (FPE) made the data of mobile internet traffic from telecommunication operators accessible and minable without leaking end-users' privacies, the framework thus aims feasibly at detecting mobile malwares using the traffic data only, which moves the detection from the end device to the internet side. It has good extensibility since a variety of mining algorithms can be applied on this framework to discover behavioral patterns of malwares. In addition, a real example of Bayes classification was implemented to illustrate the framework and test its feasibility.\",\"PeriodicalId\":395610,\"journal\":{\"name\":\"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing\",\"volume\":\"27 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-11-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/3PGCIC.2014.98\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/3PGCIC.2014.98","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

随着移动设备的快速发展，移动互联网的流量急剧增加。可以从中挖掘出各种各样的信息。在本文中，利用大规模的移动互联网流量来保护终端用户免受与移动互联网类似的速度出现的移动恶意软件的侵害。传统的移动恶意软件检测方法往往不可避免地消耗终端设备有限的电池寿命和计算资源。为了解决这些问题，提出了一种新的框架——挖掘移动互联网数据包进行恶意软件检测(MMIP-MD)。由于新的格式保持加密(FPE)技术使得电信运营商的移动互联网流量数据在不泄露终端用户隐私的情况下可以访问和提取，因此该框架旨在仅使用流量数据检测移动恶意软件，从而将检测从终端设备转移到互联网端。它具有良好的可扩展性，可以在此框架上应用多种挖掘算法来发现恶意软件的行为模式。最后，通过贝叶斯分类实例对该框架进行了说明，验证了该框架的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Mining Mobile Internet Packets for Malware Detection

With the fast development of mobile devices, the volume of mobile internet traffic increased dramatically. Various information is potential to be mined from it. In this paper, the large-scale mobile internet traffic is employed to protect end-users from mobile malwares that emerge at a similar speed to that of mobile internet. Traditional mobile malware detection methods often inevitably consume the limited battery life and computing resource of the end device. To solve these problems, a novel framework, Mining Mobile Internet Packets for Malware Detection (MMIP-MD), is proposed. Since the new technology of format preserving encryption (FPE) made the data of mobile internet traffic from telecommunication operators accessible and minable without leaking end-users' privacies, the framework thus aims feasibly at detecting mobile malwares using the traffic data only, which moves the detection from the end device to the internet side. It has good extensibility since a variety of mining algorithms can be applied on this framework to discover behavioral patterns of malwares. In addition, a real example of Bayes classification was implemented to illustrate the framework and test its feasibility.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing

自引率

0.00%

发文量