A survey on dynamic mobile malware detection

Abstract

The outstanding advances of mobile devices stimulate their wide usage. Since mobile devices are coupled with third-party applications, lots of security and privacy problems are induced. However, current mobile malware detection and analysis technologies are still imperfect, ineffective, and incomprehensive. Due to the specific characteristics of mobile devices such as limited resources, constant network connectivity, user activities and location sensing, and local communication capability, mobile malware detection faces new challenges, especially on dynamic runtime malware detection. Many intrusions or attacks could happen after a mobile app is installed or executed. The literature still expects practical and effective dynamic malware detection approaches. In this paper, we give a thorough survey on dynamic mobile malware detection. We first introduce the definition, evolution, classification, and security threats of mobile malware. Then, we summarize a number of criteria and performance evaluation measures of mobile malware detection. Furthermore, we compare, analyze, and comment on existing mobile malware detection methods proposed in recent years based on evaluation criteria and measures. Finally, we figure out open issues in this research field and motivate future research directions.