A Survey Of Mobile Malware Detection Methods

969 Words | Apr 27, 2016 | 4 Pages
There has been extensive work on detecting malicious mobile apps. The survey in [felt2011survey] covered mobile malware in the wild and analyzed the incentives behind 46 pieces of iOS, Android, and Symbian malware. The work in [amamra2012smartphone] classified malicious mobile app detection methods according to 3 rules (reference behavior, analysis approach, and malware behavior representation) and divided smartphone malware detection techniques into two main classes: signature-based and anomaly-based. The work in [idika2007survey] examined 45 malware detection techniques, which are instructive for malicious mobile app detection. In this section, we focus mainly on behavior-based malware detection methods and review only the most closely related ones.

As mentioned before, current behavior-based mobile malware detection approaches can mostly be categorized into two main groups: client-side and server-side detection. The client-side detection approaches run locally and apply anomaly detection methods to a set of features that indicate the state of the app. pBMDS [xie2010pbmds] correlates user inputs with system calls to detect anomalous activities. A Hidden Markov Model (HMM) is used to learn application and user behaviors from two major aspects: process state transitions and user operational patterns. Building on these two aspects, pBMDS identifies behavioral differences between user-initiated applications and malware-compromised ones. Zhang et