CallDetect: Detection of Call Log Exploitation Inspired by Apoptosis

Abstract

Currently, we saw the increment trend of mobile application(app) exploitation that leads to loss of confidential information and money. Many malware camouflages itself as a genuine mobile app or exploits vulnerabilities inside mobile apps. Hence, this paper presents a mobile app called CallDetect that detects Android Application Interface (API) exploitation for call logs inspired by apoptosis. Apoptosis is known as cell-programmed death, and it is part of the human immunology system. Once it suspects any danger that might cause any harm to the human body, it will kill the suspected danger and itself. In the case of CallDetect, it will scan and uninstall the potentially malicious mobile application on a mobile phone. CallDetect consists of 13 new classifications of API call log, which are used as the database for CallDetect. These classifications were built by using static analysis and open source tools in a controlled lab environment. There were 5560 training datasets from Drebin and 550 anonymous testing dataset from Google Playstore. Our finding showed that 39 mobile apps, or 7%, were identified with possible call log exploitation. This paper can be used as a reference for call log API exploitation and can be further enhanced by integrating it with permission and system call exploitation.