• Login
    View Item 
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    •   DORA Home
    • Faculty of Computing, Engineering and Media
    • School of Computer Science and Informatics
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning

    Thumbnail
    View/Open
    EMULATOR-vs-REAL-PHONE-Android-Malware-Detection-Using-Machine-Learning.pdf (1.509Mb)
    Date
    2017-03-24
    Author
    Yerima, Suleiman;
    Sezer, Sakir;
    Alzaylaee, Mohammed K.
    Metadata
    Show attachments and full item record
    Abstract
    The Android operating system has become the most popular operating system for smartphones and tablets leading to a rapid rise in malware. Sophisticated Android malware employ detection avoidance techniques in order to hide their malicious activities from analysis tools. These include a wide range of anti-emulator techniques, where the malware programs attempt to hide their malicious activities by detecting the emulator. For this reason, countermeasures against anti-emulation are becoming increasingly important in Android malware detection. Analysis and detection based on real devices can alleviate the problems of anti-emulation as well as improve the effectiveness of dynamic analysis. Hence, in this paper we present an investigation of machine learning based malware detection using dynamic analysis on real devices. A tool is implemented to automatically extract dynamic features from Android phones and through several experiments, a comparative analysis of emulator based vs. device based detection by means of several machine learning algorithms is undertaken. Our study shows that several features could be extracted more effectively from the on-device dynamic analysis compared to emulators. It was also found that approximately 24% more apps were successfully analysed on the phone. Furthermore, all of the studied machine learning based detection performed better when applied to features extracted from the on-device dynamic analysis.
    Description
    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.
    Citation : Alzaylaee, M. K., Yerima, S. Y. and Sezer, S. (2017) EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning. In: IWSPA '17: Proceedings of the 3rd ACM International Workshop on Security And Privacy Analytics, New York: ACM.
    URI
    http://hdl.handle.net/2086/16941
    DOI
    https://doi.org/10.1145/3041008.3041010
    ISBN : 9781450349093
    Research Group : Cyber Technology Institute (CTI)
    Research Institute : Cyber Technology Institute (CTI)
    Peer Reviewed : Yes
    Collections
    • School of Computer Science and Informatics [2679]

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary
     

     

    Browse

    All of DORACommunities & CollectionsAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission DateThis CollectionAuthorsTitlesSubjects/KeywordsResearch InstituteBy Publication DateBy Submission Date

    My Account

    Login

    Submission Guide | Reporting Guide | Reporting Tool | DMU Open Access Libguide | Take Down Policy | Connect with DORA
    DMU LIbrary