Summary

Asia-Pacific Network Operations and Management Symposium

2016

Session Number:TS3

Number:TS3-4

Mobile Malware Detection in Sandbox with Live Event Feeding and Log Pattern Analysis

Wei-Ting Lin, Jen-Yi Pan

Publication Date:2016/10/5

Online ISSN:2188-5079

DOI:10.34385/proc.25.TS3-4

Summary:
In recent years, smart devices have become increasingly popular, and all kinds of mobile applications are emerging. In addition to the official market, there are many other channels through which users can download mobile apps. As unidentified instances of malware grow day by day, off-the-shelf malware detection methods identify malicious programs mainly by signatures extracted from their code, which can effectively identify only already known malware, not new malware in its initial spread. If no samples of such malware have been reported and the virus code library has not been updated, users won't be alerted to it. Therefore, this paper proposes a new detection method based on live log analysis. A sandbox is set up to mimic human operations and monitor the responses of apps. Feeding these manual events can activate dormant malware and improve the accuracy of log analysis, even when the malware is still unknown. This study conducts experiments on recent malware and benign programs, and then verifies the effectiveness of the proposed method by comparing it with methods in other papers. The experimental results show that the proposed method outperforms them in both hit rate and pass rate.