AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection. Feizollah, A., Anuar, N., B., Salleh, R., Suarez-Tangil, G., & Furnell, S. Computers & Security, Elsevier, 11, 2016. ![AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection [link]](https://bibbase.org/img/filetypes/link.svg "link")
Website abstract bibtex The wide popularity of Android systems has been accompanied by increase in the number of malware targeting these systems. This is largely due to the open nature of the Android framework that facilitates the incorporation of third-party applications running on top of any Android device. Inter-process communication is one of the most notable features of the Android framework as it allows the reuse of components across process boundaries. This mechanism is used as gateway to access different sensitive services in the Android framework. In the Android platform, this communication system is usually driven by a late runtime binding messaging object known as Intent. In this paper, we evaluate the effectiveness of Android Intents (explicit and implicit) as a distinguishing feature for identifying malicious applications. We show that Intents are semantically rich features that are able to encode the intentions of malware when compared to other well-studied features such as permissions. We also argue that these type of feature is not the ultimate solution. It should be used in conjunction with other known features. We conducted experiments using a dataset containing 7,406 applications that comprise of 1,846 clean and 5,560 infected applications. The results show detection rate of 91% using Android Intent against 83% using Android permission. Additionally, experiment on combination of both features results in detection rate of 95.5%.
@article{
title = {AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection},
type = {article},
year = {2016},
identifiers = {[object Object]},
keywords = {android,malware,security,smartphone},
websites = {http://dx.doi.org/10.1016/j.cose.2016.11.007},
month = {11},
publisher = {Elsevier},
id = {080c06da-4bb4-3cca-bbd2-293a2b4abbe3},
created = {2018-07-12T21:32:28.153Z},
file_attached = {false},
profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
last_modified = {2018-07-12T21:32:28.153Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {true},
hidden = {false},
citation_key = {Feizollah:AndroDialysis},
source_type = {article},
private_publication = {false},
abstract = {The wide popularity of Android systems has been accompanied by increase in the number of malware targeting these systems. This is largely due to the open nature of the Android framework that facilitates the incorporation of third-party applications running on top of any Android device. Inter-process communication is one of the most notable features of the Android framework as it allows the reuse of components across process boundaries. This mechanism is used as gateway to access different sensitive services in the Android framework. In the Android platform, this communication system is usually driven by a late runtime binding messaging object known as Intent. In this paper, we evaluate the effectiveness of Android Intents (explicit and implicit) as a distinguishing feature for identifying malicious applications. We show that Intents are semantically rich features that are able to encode the intentions of malware when compared to other well-studied features such as permissions. We also argue that these type of feature is not the ultimate solution. It should be used in conjunction with other known features. We conducted experiments using a dataset containing 7,406 applications that comprise of 1,846 clean and 5,560 infected applications. The results show detection rate of 91% using Android Intent against 83% using Android permission. Additionally, experiment on combination of both features results in detection rate of 95.5%.},
bibtype = {article},
author = {Feizollah, Ali and Anuar, Nor B and Salleh, Rosli and Suarez-Tangil, Guillermo and Furnell, Steven},
journal = {Computers & Security}
}
Downloads: 0
{"_id":"WsppDhRDdhpvf9T5c","bibbaseid":"feizollah-anuar-salleh-suareztangil-furnell-androdialysisanalysisofandroidintenteffectivenessinmalwaredetection-2016","downloads":0,"creationDate":"2019-02-15T15:15:01.683Z","title":"AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection","author_short":["Feizollah, A.","Anuar, N., B.","Salleh, R.","Suarez-Tangil, G.","Furnell, S."],"year":2016,"bibtype":"article","biburl":null,"bibdata":{"title":"AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection","type":"article","year":"2016","identifiers":"[object Object]","keywords":"android,malware,security,smartphone","websites":"http://dx.doi.org/10.1016/j.cose.2016.11.007","month":"11","publisher":"Elsevier","id":"080c06da-4bb4-3cca-bbd2-293a2b4abbe3","created":"2018-07-12T21:32:28.153Z","file_attached":false,"profile_id":"f954d000-ce94-3da6-bd26-b983145a920f","group_id":"b0b145a3-980e-3ad7-a16f-c93918c606ed","last_modified":"2018-07-12T21:32:28.153Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"citation_key":"Feizollah:AndroDialysis","source_type":"article","private_publication":false,"abstract":"The wide popularity of Android systems has been accompanied by increase in the number of malware targeting these systems. This is largely due to the open nature of the Android framework that facilitates the incorporation of third-party applications running on top of any Android device. Inter-process communication is one of the most notable features of the Android framework as it allows the reuse of components across process boundaries. This mechanism is used as gateway to access different sensitive services in the Android framework. In the Android platform, this communication system is usually driven by a late runtime binding messaging object known as Intent. In this paper, we evaluate the effectiveness of Android Intents (explicit and implicit) as a distinguishing feature for identifying malicious applications. We show that Intents are semantically rich features that are able to encode the intentions of malware when compared to other well-studied features such as permissions. We also argue that these type of feature is not the ultimate solution. It should be used in conjunction with other known features. We conducted experiments using a dataset containing 7,406 applications that comprise of 1,846 clean and 5,560 infected applications. The results show detection rate of 91% using Android Intent against 83% using Android permission. Additionally, experiment on combination of both features results in detection rate of 95.5%.","bibtype":"article","author":"Feizollah, Ali and Anuar, Nor B and Salleh, Rosli and Suarez-Tangil, Guillermo and Furnell, Steven","journal":"Computers & Security","bibtex":"@article{\n title = {AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection},\n type = {article},\n year = {2016},\n identifiers = {[object Object]},\n keywords = {android,malware,security,smartphone},\n websites = {http://dx.doi.org/10.1016/j.cose.2016.11.007},\n month = {11},\n publisher = {Elsevier},\n id = {080c06da-4bb4-3cca-bbd2-293a2b4abbe3},\n created = {2018-07-12T21:32:28.153Z},\n file_attached = {false},\n profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},\n group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},\n last_modified = {2018-07-12T21:32:28.153Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n citation_key = {Feizollah:AndroDialysis},\n source_type = {article},\n private_publication = {false},\n abstract = {The wide popularity of Android systems has been accompanied by increase in the number of malware targeting these systems. This is largely due to the open nature of the Android framework that facilitates the incorporation of third-party applications running on top of any Android device. Inter-process communication is one of the most notable features of the Android framework as it allows the reuse of components across process boundaries. This mechanism is used as gateway to access different sensitive services in the Android framework. In the Android platform, this communication system is usually driven by a late runtime binding messaging object known as Intent. In this paper, we evaluate the effectiveness of Android Intents (explicit and implicit) as a distinguishing feature for identifying malicious applications. We show that Intents are semantically rich features that are able to encode the intentions of malware when compared to other well-studied features such as permissions. We also argue that these type of feature is not the ultimate solution. It should be used in conjunction with other known features. We conducted experiments using a dataset containing 7,406 applications that comprise of 1,846 clean and 5,560 infected applications. The results show detection rate of 91% using Android Intent against 83% using Android permission. Additionally, experiment on combination of both features results in detection rate of 95.5%.},\n bibtype = {article},\n author = {Feizollah, Ali and Anuar, Nor B and Salleh, Rosli and Suarez-Tangil, Guillermo and Furnell, Steven},\n journal = {Computers & Security}\n}","author_short":["Feizollah, A.","Anuar, N., B.","Salleh, R.","Suarez-Tangil, G.","Furnell, S."],"urls":{"Website":"http://dx.doi.org/10.1016/j.cose.2016.11.007"},"bibbaseid":"feizollah-anuar-salleh-suareztangil-furnell-androdialysisanalysisofandroidintenteffectivenessinmalwaredetection-2016","role":"author","keyword":["android","malware","security","smartphone"],"downloads":0},"search_terms":["androdialysis","analysis","android","intent","effectiveness","malware","detection","feizollah","anuar","salleh","suarez-tangil","furnell"],"keywords":["android","malware","security","smartphone"],"authorIDs":[]}