Abstract
There are various malicious applications (app) in mobile platform, especially for Android devices, it is difficult to develop a model directly for malwares, due to the limitation of application testing samples. In this paper we propose a novel malicious application detection model RT-MAD for Android devices: Real-Time Malicious Application Detection. This model can generate a malicious app space through normal application modeling by (i) first we develop an Android Real-time API monitor tool to collect API data for each app running on the devices, and cleaning them into time series data, (ii) then we modify Hidden Markov Model (HMM) to train the majority genres of normal apps, obtaining the normal apps space, (iii) and finally we use Randomized Real-Valued Negative Selection (RRNS) to generate a set of likelihood vectors based on the normal app space, covering all possible malicious applications, thus we get the malicious app space for malwares detection. We conduct experiments on HMM training and RRNS malicious apps space generation, the result shows that we can get precision of 91% for normal genres of apps in HMM model. However, in some situation, the malicious apps space generated in RRNS would cover the normal apps, for the safety of devices, it is acceptable since our RT-MAD can achieve precision of 91% in malwares detection.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
