Characterizing Evaluation Practices of Intrusion Detection Methods for Smartphones

Authors

  • Abdullah J. Alzahrani Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick
  • Natalia Stakhanova Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick
  • Hugo Gonzalez Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick
  • Ali A. Ghorbani Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick

DOI:

https://doi.org/10.13052/jcsm2245-1439.321

Keywords:

intrusion detection, smartphones, mobile malware

Abstract

The appearance of a new Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Mobile malware, a dominant threat for modern mobile devices, was almost non-existent before the official release of the Android platform in 2008. The rapid development of mobile platform apps and app markets coupled with the open nature of the Android platform triggered an explosive growth of specialized malware and subsequent search for effective defence mechanisms. In spite of considerable research efforts in this area, the majority of the proposed solutions have seen limited success, which has been attributed in the research community to the lack of proper datasets, lack of validation and other deficiencies of the experiments. We feel that many of these shortcomings are due to immaturity of the field and a lack of established and organized practice. To remedy the problem, we investigated the employed experimentation practices adopted by the smartphone security community through a review of 120 studies published during the period between 2008–2013. In this paper, we give an overview of the research in the field of intrusion detection techniques for the Android platform and explore the deficiencies of the existing experimentation practices. Based on our analysis we present a set of guidelines that could help researchers to avoid common pitfalls and improve the quality of their work.

Downloads

Download data is not yet available.

Author Biographies

Abdullah J. Alzahrani, Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick

Abdullah Alzahrani is a PhD candidate at the faculty of Computer Science, University of New Brunswick, Canada. He is a lecturer at Computer Science and computer Engineering department, University of Hail, Saudi Arabia. His research interests include botnet detection, Android security, network security, malware analysis and reverse engineering. He is a member of the Information Security Centre of Excellence, University of New Brunswick.

 

Natalia Stakhanova, Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick

Dr. Natalia Stakhanova is the New Brunswick Innovation Research Chair in Cyber Security at University of New Brunswick, Canada. Her research interests include intrusion detection and response, smartphone security, security assessment and generally network and computer security. Natalia Stakhanova was the recipient of the Nokia Best Student Paper Award at The IEEE International Conference on Advanced Information Networking and Applications (AINA). She served on the program committee of several conferences and workshops in area of information security and assurance, including the Conference on Privacy, Security and Trust (PST). Natalia developed a number of technologies that have been adopted by high-tech companies such as IBM and she currently has three patents in the field of computer security.

Hugo Gonzalez, Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick

Hugo Gonzalez is a PhD student at the Information Security Centre of Excellence, University of New Brunswick, Canada. He is a faculty member of the Polytechnic University of San Luis Potosi, Mexico. His current research interests include network security and malware analysis. He is a member of the Association for Computing Machinery, the IEEE Computer Society and The Honeynet Project.

 

Ali A. Ghorbani, Information Security Center of Excellence, Faculty of Computer Science, University of New Brunswick

Ali Ghorbani has held a variety of positions in academia for the past 34 years. He currently serves as Dean of the Faculty of Computer Science and Founding Director of the Information Security Centre of Excellence at the University of New Brunswick (UNB), Fredericton, Canada. Dr. Ghorbani is the co-Editor-In-Chief of Computational Intelligence, an international journal. He supervised more than 150 research associates, postdoctoral fellows, and undergraduate & graduate students and authored more than 250 research papers in journals and conference proceedings and has edited 11 volumes. He is the co-inventor of 3 patents in the area of Network Security and Web Intelligence. In 2012 he spawn off “Ara Labs Security Solutions” and “Eyesover Technologies”. His current research focus is Network & Information Security, Complex Adaptive Systems, Critical Infrastructure Protection, and Web Intelligence. His book, Intrusion Detection and Prevention Systems: Concepts and Techniques, published by Springer in October 2009. Dr. Ghorbani is the Senior member of IEEE and the member of ACM, and Canadian Information Processing Society (CIPS). He is also the coordinator of the Privacy, Security and Trust (PST*net) research network.

References

Sanae Rosen, Zhiyun Qian, and Z Morely Mao. Appprofiler: a flexible method of exposing privacy-related behavior in android applications to end users. In Proceedings of the third ACM conference on Data and application security and privacy, pages 221–232. ACM, 2013.

Saurabh Chakradeo, Bradley Reaves, Patrick Traynor, and William Enck. Mast: triage for market-scale mobile malware analysis. In Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, pages 13–24. ACM, 2013.

Johannes Hoffmann, Martin Ussath, Thorsten Holz, and Michael Spreitzenbarth. Slicing droids: program slicing for smali code. In Proceedings of the 28th Annual ACM Symposium on Applied Computing, pages 1844–1851. ACM, 2013.

Kevin Joshua Abela, Jan Raynier Delas Alas, Don Kristopher Angeles, Robert Joseph Tolentino, and Miguel Alberto Gomez. Automated malware detection for android amda. In The Second International Conference on Cyber Security, Cyber Peacefare and Digital Forensic (CyberSec2013), pages 180–188. The Society of Digital Information and Wireless Communication, 2013.

Zarni Aung and Win Zaw. Permission-based android malware detection. International Journal of Scientific and Technology Research, 2(3): 228–234, 2013.

Michael Spreitzenbarth, Felix Freiling, Florian Echtler, Thomas Schreck, and Johannes Hoffmann. Mobile-sandbox: having a deeper look into android applications. In Proceedings of the 28th Annual ACM Symposium on Applied Computing, pages 1808–1815. ACM, 2013.

Mo Ghorbanzadeh, Yang Chen, Zhongmin Ma, T Charles Clancy, and Robert McGwier. A neural network approach to category validation of android applications. In Computing, Networking and Communications (ICNC), 2013 International Conference on, pages 740–744. IEEE, 2013.

Min Zheng, Mingshen Sun, and John Lui. Droid analytics: A signature based analytic system to collect, extract, analyze and associate android malware. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pages 163–171. IEEE, 2013.

Borja Sanz, Igor Santos, Javier Nieves, Carlos Laorden, Inigo Alonso-Gonzalez, and Pablo G Bringas. Mads: Malicious android applications detection through string analysis. In Network and System Security, pages 178–191. Springer, 2013.

Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. Droidalarm: an all-sided static analysis tool for android privilege-escalation malware. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pages 353–358. ACM, 2013.

Wu Zhou, Yajin Zhou, Michael Grace, Xuxian Jiang, and Shihong Zou. Fast, scalable detection of piggybacked mobile applications. In Proceedings of the third ACM conference on Data and application security and privacy, pages 185–196. ACM, 2013.

Vaibhav Rastogi, Yan Chen, and William Enck. Appsplayground: Automatic security analysis of smartphone applications. In Proceedings of the third ACM conference on Data and application security and privacy, pages 209–220. ACM, 2013.

Hiroki Kuzuno and Satoshi Tonami. Signature generation for sensitive information leakage in android applications. In Data Engineering Workshops (ICDEW), 2013 IEEE 29th International Conference on, pages 112–119. IEEE, 2013.

Johannes Hoffmann, Stephan Neumann, and Thorsten Holz. Mobile malware detection based on energy fingerprints a dead end? In Research in Attacks, Intrusions, and Defenses, pages 348–368. Springer, 2013.

Yousra Aafer, Wenliang Du, and Heng Yin. Droidapiminer: Mining api-level features for robust malware detection in android. In Security and Privacy in Communication Networks, pages 86–103. Springer, 2013.

John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, and Salvatore Stolfo. On the feasibility of online malware detection with performance counters. In Proceedings of the 40th Annual International Symposium on Computer Architecture, pages 559–570. ACM, 2013.

Hugo Gascon, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck. Structural detection of android malware using embedded call graphs. In Proceedings of the 2013 ACM workshop on Artificial intelligence and security, pages 45–54. ACM, 2013.

Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X Sean Wang, and Binyu Zang. Vetting undesirable behaviors in android apps with permission use analysis. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 611–622. ACM, 2013.

Ruofan Jin and Bing Wang. Malware detection for mobile devices using software-defined networking. In Research and Educational Experiment Workshop (GREE), 2013 Second GENI, pages 81–88. IEEE, 2013.

Hyo-Sik Ham and Mi-Jung Choi. Analysis of android malware detection performance using machine learning classifiers. In ICT Convergence (ICTC), 2013 International Conference on, pages 490–495. IEEE, 2013.

Federico Maggi, Andrea Valdi, and Stefano Zanero. Andrototal: a flexible, scalable toolbox and service for testing mobile malware detectors. In Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices, pages 49–54. ACM, 2013.

Suleiman Y Yerima, Sakir Sezer, Gavin McWilliams, and Igor Muttik. A new android malware detection approach using bayesian classification. In Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference on, pages 121–128. IEEE, 2013.

Brandon Amos, Hamilton Turner, and Jules White. Applying machine learning classifiers to dynamic android malware detection at scale. In Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International, pages 1666–1671. IEEE, 2013.

Byungha Choi, Sung-Kyo Choi, and Kyungsan Cho. Detection of mobile botnet using vpn. In Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference on, pages 142–148. IEEE, 2013.

Aiman A Abu Samra and Osama A Ghanem. Analysis of clustering technique in android malware detection. In Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2013 Seventh International Conference on, pages 729–733. IEEE, 2013.

Bryan Dixon and Shivakant Mishra. Power based malicious code detection techniques for smartphones. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pages 142–149. IEEE, 2013.

Parvez Faruki, Vijay Ganmoor, Vijay Laxmi, MS Gaur, and Ammar Bharmal. Androsimilar: robust statistical feature signature for android malware detection. In Proceedings of the 6th International Conference on Security of Information and Networks, pages 152–159. ACM, 2013.

Kevin Joshua Abela, Don Kristopher Angeles, Jan Raynier Delas Alas, Robert Joseph Tolentino, and Miguel Alberto Gomez. An automated malware detection system for android using behavior-based analysis amda. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2(2):1–11, 2013.

Borja Sanz, Igor Santos, Xabier Ugarte-Pedrero, Carlos Laorden, Javier Nieves, and Pablo G Bringas. Instance-based anomaly method for android malware detection. pages 387–394, 2013.

Anand Paturi, Manoj Cherukuri, John Donahue, and Srinivas Mukkamala. Mobile malware visual analytics and similarities of attack toolkits (malware gene analysis). In Collaboration Technologies and Systems (CTS), 2013 International Conference on, pages 149–154. IEEE, 2013.

Heqing Huang, Sencun Zhu, Peng Liu, and Dinghao Wu. A framework for evaluating mobile app repackaging detection algorithms. In Trust and Trustworthy Computing, pages 169–186. Springer, 2013.

Monica Curti, Alessio Merlo, Mauro Migliardi, and Simone Schiappacasse. Towards energy-aware intrusion detection systems on mobile devices. In High Performance Computing and Simulation (HPCS), 2013 International Conference on, pages 289–296. IEEE, 2013.

Wei Yu, Zhijiang Chen, Guobin Xu, Sixiao Wei, and Nnanna Ekedebe. A threat monitoring system for smart mobiles in enterprise networks. In Proceedings of the 2013 Research in Adaptive and Convergent Systems, pages 300–305. ACM, 2013.

Jianlin Xu, Yifan Yu, Zhen Chen, Bin Cao, Wenyu Dong, Yu Guo, and Junwei Cao. Mobsafe: cloud computing based forensic analysis for massive mobile applications using data mining. Tsinghua Science and Technology, 18(4), 2013.

Lena Tenenboim-Chekina, Lior Rokach, and Bracha Shapira. Ensemble of feature chains for anomaly detection. In Multiple Classifier Systems, pages 295–306. Springer, 2013.

Yibing Zhongyang, Zhi Xin, Bing Mao, and Li Xie. Droidalarm: an all-sided static analysis tool for android privilege-escalation malware. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pages 353–358. ACM, 2013.

Hwan-Taek Lee, Minkyu Park, and Seong-Je Cho. Detection and pre vention of lena malware on android. Journal of Internet Services and Information Security (JISIS), 3(3/4):63–71, 2013.

Seung-Hyun Seo, Aditi Gupta, Asmaa Mohamed Sallam, Elisa Bertino, and Kangbin Yim. Detecting mobile malware threats to homeland security through static analysis. Journal of Network and Computer Applications, 38:43–53, 2013.

Byeongho Kang, BooJoong Kang, Jungtae Kim, and Eul Gyu Im. Android malware classification method: Dalvik bytecode frequency analysis. In Proceedings of the 2013 Research in Adaptive and Convergent Systems, pages 349–350. ACM, 2013.

Suyeon Lee, Jehyun Lee, and Heejo Lee. Screening smartphone applications using behavioral signatures. In Security and Privacy Protection in Information Processing Systems, pages 14–27. Springer, 2013.

Parvez Faruki, Vijay Laxmi, Vijay Ganmoor, MS Gaur, and Ammar Bharmal. Droidolytics: Robust feature signature for repackaged android apps on official and third party android markets. In Advanced Computing, Networking and Security (ADCONS), 2013 2nd International Conference on, pages 247–252. IEEE, 2013.

Shaoyin Cheng, Shengmei Luo, Zifeng Li, Wei Wang, Yan Wu, and Fan Jiang. Static detection of dangerous behaviors in android apps. In Cyberspace Safety and Security, pages 363–376. Springer, 2013.

Zhizhong Wu, Xuehai Zhou, and Jun Xu. A result fusion based distributed anomaly detection system for android smartphones. Journal of Networks, 8(2), 2013.

Ryan Johnson, Zhaohui Wang, Angelos Stavrou, and Jeff Voas. Exposing software security and availability risks for commercial mobile devices. In Reliability and Maintainability Symposium (RAMS), 2013 Proceedings-Annual, pages 1–7. IEEE, 2013.

K Saritha and R Samaiah. Behavior analysis of mobile system in cloud computing. In International Journal of Engineering Research and Technology, volume 2. ESRSA Publications, 2013.

Thomas Eder, Michael Rodler, Dieter Vymazal, and Markus Zeilinger. Ananas-a framework for analyzing android applications. In Availability, Reliability and Security (ARES), 2013 Eighth International Conference on, pages 711–719. IEEE, 2013.

Roshanak Roshandel, Payman Arabshahi, and Radha Poovendran. Lidar: a layered intrusion detection and remediationframework for smartphones. In Proceedings of the 4th international ACM Sigsoft symposium on Architecting critical systems, pages 27–32. ACM, 2013.

Mohammad Karami, Mohamed Elsabagh, Parnian Najafiborazjani, and Angelos Stavrou. Behavioral analysis of android applications using automated instrumentation. In Software Security and Reliability-Companion (SERE-C), 2013 IEEE 7th International Conference on, pages 182–187. IEEE, 2013.

Fangfang Yuan, Lidong Zhai, Yanan Cao, and Li Guo. Research of intrusion detection system on android. In Services (SERVICES), 203 IEEE Ninth World Congress on, pages 312–316. IEEE, 2013.

Ryo Sato, Daiki Chiba, and Shigeki Goto. Detecting android malware by analyzing manifest files. Proceedings of the Asia-Pacific Advanced Network, 36: 23–31, 2013.

Dong-uk Kim, Jeongtae Kim, and Sehun Kim. A malicious application detection framework using automatic feature extraction tool on android market. In 3rd International Conference on Computer Science and Information Technology (ICCSIT’2013), pages 4–5, 2013.

Jonathan Crussell, Clint Gibler, and Hao Chen. Scalable semantics-based detection of similar Android applications. ESORICS, 2013.

Veelasha Moonsamy, Jia Rong, and Shaowu Liu. Mining permission patterns for contrasting clean and malicious android applications. Future Generation Computer Systems, 2013.

You Joung Ham, Hyung-Woo Lee, Jae Deok Lim, and Jeong Nyeo Kim. Droidvulmonandroid based mobile device vulnerability analysis and monitoring system. In Next Generation Mobile Apps, Services and Technologies (NGMAST), 2013 Seventh International Conference on, pages 26–31. IEEE, 2013.

Ilona Murynets and Roger Piqueras Jover. Anomaly detection in cellular machine-to-machine communications. In Communications (ICC), 2013 IEEE International Conference on, pages 2138–2143. IEEE, 2013.

Zhemin Yang, Min Yang, Yuan Zhang, Guofei Gu, Peng Ning, and X Sean Wang. Appintent: Analyzing sensitive data transmission in android for privacy leakage detection. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 1043–1054. ACM, 2013.

Wei Xu, Fangfang Zhang, and Sencun Zhu. Permlyzer: Analyzing permission usage in android applications. In Software Reliability Engineering (ISSRE), 2013 IEEE 24th International Symposium on, pages 400–410. IEEE, 2013.

Steve Hanna, Ling Huang, Edward Wu, Saung Li, Charles Chen, and Dawn Song. Juxtapp: A scalable system for detecting code reuse among android applications. In Detection of Intrusions and Malware, and Vulnerability Assessment, pages 62–81. Springer, 2013.

Dong-Jie Wu, Ching-Hao Mao, Te-En Wei, Hahn-Ming Lee, and Kuo-Ping Wu. Droidmat: Android malware detection through manifest and api calls tracing. In Information Security (Asia JCIS), 2012 Seventh Asia Joint Conference on, pages 62–69. IEEE, 2012.

Hao Peng, Chris Gates, Bhaskar Sarma, Ninghui Li, Yuan Qi, Rahul Potharaju, Cristina Nita-Rotaru, and Ian Molloy. Using probabilistic generative models for ranking risks of android apps. In Proceedings of the 2012 ACM conference on Computer and communications security, pages 241–252. ACM, 2012.

Yajin Zhou, Zhi Wang, Wu Zhou, and Xuxian Jiang. Hey, you, get off of my market: Detecting malicious apps in official and alternative android markets. In Proceedings of the 19th Annual Network and Distributed System Security Symposium, pages 5–8, 2012.

Wu Zhou, Yajin Zhou, Xuxian Jiang, and Peng Ning. Detecting repackaged smartphone applications in third-party android marketplaces. In Proceedings of the second ACM conference on Data and Application Security and Privacy, pages 317–326. ACM, 2012.

Asaf Shabtai, Uri Kanonov, Yuval Elovici, Chanan Glezer, and Yael Weiss. “andromaly”: a behavioral malware detection framework for android devices. Journal of Intelligent Information Systems, 38(1): 161–190, 2012.

Axelle Apvrille and Tim Strazzere. Reducing the window of opportunity for android malware gotta catch’em all. Journal in Computer Virology, 8(1–2):61–71, 2012.

Abhijith Shastry, Murat Kantarcioglu, Yan Zhou, and Bhavani Thuraisingham. Randomizing smartphone malware profiles against statistical mining techniques. In Data and Applications Security and Privacy XXVI, pages 239–254. Springer, 2012.

Te-En Wei, Ching-Hao Mao, Albert B Jeng, Hahn-Ming Lee, Horng-Tzer Wang, and Dong-Jie Wu. Android malware detection via a latent network behavior analysis. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on, pages 1251–1258. IEEE, 2012.

Borja Sanz, Igor Santos, Carlos Laorden, Xabier Ugarte-Pedrero, PabloGarcia Bringas, and Gonzalo Álvarez. Puma: Permission usage to detect malware in android. In Álvaro Herrero, Václav Snášel, Ajith Abraham, Ivan Zelinka, Bruno Baruque, Héctor Quintián, José Luis Calvo, Javier Sedano, and Emilio Corchado, editors, International Joint Conference CISIS12-ICEUTE12-SOCO’12 Special Sessions, volume 189 of Advances in Intelligent Systems and Computing, pages 289–298. Springer Berlin Heidelberg, 2013.

Chao Yang, Vinod Yegneswaran, Phillip Porras, and Guofei Gu. Detecting money-stealing apps in alternative android markets. In Proceedings of the 2012 ACM conference on Computer and communications security, pages 1034–1036. ACM, 2012.

Ingo Bente, Bastian Hellmann, Joerg Vieweg, Josef von Helden, and Gabi Dreo. Tcads: Trustworthy, context-related anomaly detection for smartphones. In Network-Based Information Systems (NBiS), 2012 15th International Conference on, pages 247–254. IEEE, 2012.

Justin Sahs and Latifur Khan. A machine learning approach to android malware detection. In Intelligence and Security Informatics Conference (EISIC), 2012 European, pages 141–147. IEEE, 2012.

Seung-Hyun Seo, Dong-Guen Lee, and Kangbin Yim. Analysis on maliciousness for mobile applications. In Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), 2012 Sixth International Conference on, pages 126–129. IEEE, 2012.

Lena Chekina, Duku Mimran, Lior Rokach, Yuval Elovici, and Bracha Shapira. Detection of deviations in mobile applications network behavior. arXiv preprint arXiv:1208.0564, 2012.

Muhamed Halilovic and Abdulhamit Subasi. Intrusion detection on smartphones. arXiv preprint arXiv:1211.6610, 2012.

PENG Guojun, SHAO Yuru, WANG Taige, ZHAN Xian, and ZHANG Huanguo. Research on android malware detection and interception based on behavior monitoring. 17(5), 2012.

Cong Zheng, Shixiong Zhu, Shuaifu Dai, Guofei Gu, Xiaorui Gong, Xinhui Han, and Wei Zou. Smartdroid: an automatic system for revealing ui-based trigger conditions in android applications. In Proceedings of the second ACM workshop on Security and privacy in smartphones and mobile devices, pages 93–104. ACM, 2012.

Gianluca Dini, Fabio Martinelli, Ilaria Matteucci, Marinella Petrocchi, Andrea Saracino, and Daniele Sgandurra. A multi-criteria-based evaluation of android applications. In Trusted Systems, pages 67–82. Springer, 2012.

Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang. Systematic detection of capability leaks in stock android smartphones. In Proceedings of the 19th Annual Symposium on Network and Distributed System Security, 2012.

Michael Grace, Yajin Zhou, Qiang Zhang, Shihong Zou, and Xuxian Jiang. Riskranker: scalable and accurate zero-day android malware detection. In Proceedings of the 10th international conference on Mobile systems, applications, and services, pages 281–294. ACM, 2012.

Gianluca Dini, Fabio Martinelli, Andrea Saracino, and Daniele Sgandurra. Madam: a multi-level anomaly detector for android malware. In Computer Network Security, pages 240–253. Springer, 2012.

Lingguang Lei, Yuewu Wang, Jiwu Jing, Zhongwen Zhang, and Xingjie Yu. Meaddroid: detecting monetary theft attacks in android by dvm monitoring. In Information Security and Cryptology–ICISC 2012, pages 78–91. Springer, 2013.

Jordi Cucurull, Simin Nadjm-Tehrani, and Massimiliano Raciti. Modular anomaly detection for smartphone ad hoc communication. In Information Security Technology for Applications, pages 65–81. Springer, 2012.

Kejun Xin, Gang Li, Zhongyuan Qin, and Qunfang Zhang. Malware detection in smartphone using hidden markov model. In Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on, pages 857–860. IEEE, 2012.

Hua Zha and Chunlin Peng. Method of smartphone users’ information protection based on composite behavior monitor. In Intelligent Computing Technology, pages 252–259. Springer, 2012.

Chanmin Yoon, Dongwon Kim, Wonwoo Jung, Chulkoo Kang, and Hojung Cha. Appscope: Application energy metering framework for android smartphone using kernel activity monitoring. In USENIX ATC, 2012.

You-Joung Ham, Won-Bin Choi, Hyung-Woo Lee, JaeDeok Lim, and Jeong Nyeo Kim. Vulnerability monitoring mechanism in android based smartphone with correlation analysis on event-driven activities. In Computer Science and Network Technology (ICCSNT), 2012 2nd International Conference on, pages 371–375. IEEE, 2012.

Lok Kwong Yan and Heng Yin. Droidscope: seamlessly reconstructing the os and dalvik semantic views for dynamic android malware analysis. In Proceedings of the 21st USENIX Security Symposium, 2012.

Iker Burguera, Urko Zurutuza, and Simin Nadjm-Tehrani. Crowdroid: behavior-based malware detection system for android. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pages 15–26. ACM, 2011.

Hahnsang Kim, Kang G Shin, and Padmanabhan Pillai. Modelz: monitoring, detection, and analysis of energy-greedy anomalies in mobile handsets. Mobile Computing, IEEE Transactions on, 10(7): 968–981, 2011.

Hsiu-Sen Chiang and W Tsaur. Identifying smartphone malware using data mining technology. In Computer Communications and Networks (ICCCN), 2011 Proceedings of 20th International Conference on, pages 1–6. IEEE, 2011.

Bryan Dixon, Yifei Jiang, Abhishek Jaiantilal, and Shivakant Mishra. Location based power analysis to detect malicious code in smartphones. In Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, pages 27–32. ACM, 2011.

Zhang Lei, Zhu Junmao, Tian Zhongguang, Liu Yulong, and Wang Tao. Design of mobile phone security system based on detection of abnormal behavior. In Proceedings of the 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control, pages 479–482. IEEE Computer Society, 2011.

Amir Houmansadr, Saman A Zonouz, and Robin Berthier. A cloud-based intrusion detection and response system for mobile phones. In Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on, pages 31–32. IEEE, 2011.

Peter Gilbert, Byung-Gon Chun, Landon P Cox, and Jaeyeon Jung. Vision: automated security validation of mobile apps at app markets. In Proceedings of the second international workshop on Mobile cloud computing and services, pages 21–26. ACM, 2011.

Erika Chin, Adrienne Porter Felt, Kate Greenwood, and David Wagner. Analyzing inter-application communication in android. In Proceedings of the 9th international conference on Mobile systems, applications, and services, pages 239–252. ACM, 2011.

Leonid Batyuk, Markus Herpich, Seyit Ahmet Camtepe, Karsten Raddatz, A-D Schmidt, and Sahin Albayrak. Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within android applications. In Malicious and Unwanted Software (MALWARE), 2011 6th International Conference on, pages 66–72. IEEE, 2011.

Takamasa Isohara, Keisuke Takemori, and Ayumu Kubota. Kernel-based behavior analysis for android malware detection. In Computational Intelligence and Security (CIS), 2011 Seventh International Conference on, pages 1011–1015. IEEE, 2011.

Lei Liu and Dai Ping Li. Analysis based on of android malicious code intrusion detection. Advanced Materials Research, 756: 3924–3928, 2013.

Francesco Di Cerbo, Andrea Girardello, Florian Michahelles, and Svetlana Voronkova. Detection of malicious applications on android os. In Computational Forensics, pages 138–149. Springer, 2011.

Liang Xie, Xinwen Zhang, Jean-Pierre Seifert, and Sencun Zhu. pbmds: a behavior-based malware detection system for cellphone devices. In Proceedings of the third ACM conference on Wireless network security, pages 37–48. ACM, 2010.

Markus Jakobsson and Karl-Anders Johansson. Retroactive detection of malware with applications to mobile platforms. In Proceedings of the 5th USENIX conference on Hot topics in security, pages 1–13. USENIX Association, 2010.

Asaf Shabtai, Uri Kanonov, and Yuval Elovici. Intrusion detection for mobile devices using the knowledge-based, temporal abstraction method. Journal of Systems and Software, 83(8): 1524–1537, 2010.

Thomas Blasing, Leonid Batyuk, A-D Schmidt, Seyit Ahmet Camtepe, and Sahin Albayrak. An android application sandbox system for suspicious software detection. In Malicious and Unwanted Software (MALWARE), 2010 5th International Conference on, pages 55–62. IEEE, 2010.

Asaf Shabtai and Yuval Elovici. Applying behavioral detection on android-based devices. In Mobile Wireless Middleware, Operating Systems, and Applications, pages 235–249. Springer, 2010.

Asaf Shabtai, Yuval Fledel, and Yuval Elovici. Automated static code analysis for classifying android applications using machine learning. In Computational Intelligence and Security (CIS), 2010 International Conference on, pages 329–333. IEEE, 2010.

William Enck, Peter Gilbert, Byung-Gon Chun, Landon P Cox, Jaeyeon Jung, Patrick McDaniel, and Anmol Sheth. Taintdroid: An information-flow tracking system for realtime privacy monitoring on smartphones. In OSDI, volume 10, pages 1–6, 2010.

Georgios Portokalidis, Philip Homburg, Kostas Anagnostakis, and Herbert Bos. Paranoid android: versatile protection for smartphones. In Proceedings of the 26th Annual Computer Security Applications Conference, pages 347–356. ACM, 2010.

Tansu Alpcan, Christian Bauckhage, and Aubrey-Derrick Schmidt. A probabilistic diffusion scheme for anomaly detection on smartphones. In Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices, pages 31–46. Springer, 2010.

Fudong Li, Nathan Clarke, Maria Papadaki, and Paul Dowland. Behaviour profiling on mobile devices. In Emerging Security Technologies (EST), 2010 International Conference on, pages 77–82. IEEE, 2010.

Ashkan Sharifi Shamili, Christian Bauckhage, and Tansu Alpcan. Malware detection on mobile devices using distributed machine learning. In Pattern Recognition (ICPR), 2010 20th International Conference on, pages 4348–4351. IEEE, 2010.

William Enck, Machigar Ongtang, and Patrick McDaniel. On lightweight mobile phone application certification. In Proceedings of the 16th ACM conference on Computer and communications security, pages 235–245. ACM, 2009.

A-D Schmidt, Rainer Bye, H-G Schmidt, Jan Clausen, Osman Kiraz, Kamer A Yuksel, Seyit Ahmet Camtepe, and Sahin Albayrak. Static analysis of executables for collaborative malware detection on android. In Communications, 2009. ICC’09. IEEE International Conference on, pages 1–5. IEEE, 2009.

Lei Liu, Guanhua Yan, Xinwen Zhang, and Songqing Chen. Virusmeter: Preventing your cellphone from spies. In Recent Advances in Intrusion Detection, pages 244–264. Springer, 2009.

Jong-seok Lee, Tae-Hyung Kim, and Jong Kim. Energy-efficient run-time detection of malware-infected executables and dynamic libraries on mobile devices. In Future Dependable Distributed Systems, 2009 Software Technologies for, pages 143–149. IEEE, 2009.

Aubrey-Derrick Schmidt, Frank Peters, Florian Lamour, Christian Scheel, Seyit Ahmet Çamtepe, and Şahin Albayrak. Monitoring smartphones for anomaly detection. Mobile Networks and Applications, 14(1): 92–106, 2009.

Liang Xie, Xinwen Zhang, Ashwin Chaugule, Trent Jaeger, and Sencun Zhu. Designing system-level defenses against cellphone malware. In Reliable Distributed Systems, 2009. SRDS’09. 28th IEEE International Symposium on, pages 83–90. IEEE, 2009.

Aubrey-Derrick Schmidt, Hans-Gunther Schmidt, Jan Clausen, Kamer A Yuksel, Osman Kiraz, Ahmet Camtepe, and Sahin Albayrak. Enhancing security of linux-based android devices. In in Proceedings of 15th International Linux Kongress. Lehmann, 2008.

Abhijit Bose, Xin Hu, Kang G Shin, and Taejoon Park. Behavioral detection of malware on mobile handsets. In Proceedings of the 6th international conference on Mobile systems, applications, and services, pages 225–238. ACM, 2008.

Hahnsang Kim, Joshua Smith, and Kang G Shin. Detecting energy-greedy anomalies and mobile malware variants. In Proceedings of the 6th international conference on Mobile systems, applications, and services, pages 239–252. ACM, 2008.

Deepak Venugopal and Guoning Hu. Efficient signature based malware detection on mobile devices. Mobile Information Systems, 4(1): 33–49, 2008.

Timothy K Buennemeyer, Theresa M Nelson, Lee M Clagett, John Paul Dunning, Randy C Marchany, and Joseph G Tront. Mobile device profiling and intrusion detection using smart batteries. In Hawaii International Conference on System Sciences, Proceedings of the 41st Annual, pages 296–296. IEEE, 2008.

Downloads

Published

2014-07-10

How to Cite

1.
Alzahrani AJ, Stakhanova N, Gonzalez H, A. Ghorbani A. Characterizing Evaluation Practices of Intrusion Detection Methods for Smartphones. JCSANDM [Internet]. 2014 Jul. 10 [cited 2024 Apr. 25];3(2):89-132. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/6177

Issue

2014: Vol 3 Iss 2

Section

Articles