Malware Analysis Method Based Random Access Memory in Android
Mobile phone has become an indispensable part of people’s life, and an increasing number of information is stored on the mobile phones, once malware infects your phone that will cause serious damage to your personal and property security. The study of mal
- PDF / 1,261,708 Bytes
- 17 Pages / 439.37 x 666.142 pts Page_size
- 65 Downloads / 271 Views
Abstract. Mobile phone has become an indispensable part of people’s life, and an increasing number of information is stored on the mobile phones, once malware infects your phone that will cause serious damage to your personal and property security. The study of malicious software has been proposed constantly, but with so many applications flooding into marketplace and the improvement of malicious software, there are still some gaps in software quality control. The continuous improvement of malware also requires us to improve the detection technology in real time, and more importantly, we need to find more characteristics of malware on various aspects. This article will focus on the dynamic characteristics of malware and aim at random access memory in Android to carry out the experiment. Random access memory is the memory that application needs to reside while it is running, and it is a good reflection of the running characteristics of apps. Hence we extract the random access memory of software and analyse it on the process dimension, rather than on the analysis of the memory block. And the main experiment structure of our method is convolutional neural network. Based on our research, we found the relationship between malware and some process that can be used to effectively classify malware. The experiment result shows that this method has greatly improved the accuracy on the detection of malware. Keywords: Mobile · Security · Malware · Process
1 Introduction The development of technology makes more and more people go online, in 2019, 4.54 billion people had access to the Internet, accounting for nearly 60% of the world’s population. According to the 2019 global mobile Internet user behavior guide released by the APUS research institute [1], smartphone users spend 5.4 h per day on their mobile device in average, with mobile applications, such as video, games and online shopping, becoming the top time killer. It is referred in the 2020 mobile market report released by App Annie in the US, the number of app downloads reached 204 billion in 2019, an increase of 6% from 2018. The emergence of a large number of users and apps also makes the malware more active. Kaspersky antivirus software detected 3,503,952 malicious installation packages, 69,777 new mobile banking trojans, 68,362 new mobile blackmail trojans in 2019 [2]. © Springer Nature Singapore Pte Ltd. 2020 L. Batina and G. Li (Eds.): ATIS 2020, CCIS 1338, pp. 78–94, 2020. https://doi.org/10.1007/978-981-33-4706-9_6
Malware Analysis Method Based Random Access Memory in Android
79
It’s worth noting that there are two major trends: attackers attack users’ personal data more frequently, and trojans are detected more frequently in the app market. What’s more, malware developers not only generated more software packages, but also improved their technology, especially to bypass the limitations of operating systems. For example, for the sake of battery savings, Android places restrictions on the background operations of applications, which have a negative impact on
Data Loading...
