The ability for mobile devices to hold a growing amount of personal data, credits on digital portfolios, etc. increases the risks due to data leaks. Therefore, the need to improve the security in such devices has become paramount. Guided by this goal, in this paper we present an approach to identify at runtime whether an operation carried out in the device is normal (benign) or abnormal (malicious). For this, we monitor the previous behaviour of the user. An application has been created that collects data relating to the user's data traffic (such as wifi downloaded bytes) in the background, allowing us to establish whether a new operation on the device is in line with previous ones. This gives life to a new kind of security enforcement on the device. The experiments were performed by collecting data taken from Android devices and have shown that anomalous operations can be detected with a high probability.

Detecting android malware according to observations on user activities

Fornaia A.;Tramontana E.;Verga G.
2018

Abstract

The ability for mobile devices to hold a growing amount of personal data, credits on digital portfolios, etc. increases the risks due to data leaks. Therefore, the need to improve the security in such devices has become paramount. Guided by this goal, in this paper we present an approach to identify at runtime whether an operation carried out in the device is normal (benign) or abnormal (malicious). For this, we monitor the previous behaviour of the user. An application has been created that collects data relating to the user's data traffic (such as wifi downloaded bytes) in the background, allowing us to establish whether a new operation on the device is in line with previous ones. This gives life to a new kind of security enforcement on the device. The experiments were performed by collecting data taken from Android devices and have shown that anomalous operations can be detected with a high probability.
978-1-5386-6916-7
Android; Security; Traffic analysis
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/20.500.11769/365904
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? ND
social impact