Mobile Malware Detection Using Consortium Blockchain

Abstract

AbstractThe purpose of the paper is to explore the problem of detecting malicious codes in malware and a way, based on consortium blockchain, to detect and control the propagation in mobile devices. According to Damballa’s Q4 State of Infections report, the antivirus products overlooked 70% of malware signatures within the first hour (Q4 2014 State of Infections Report. Q4 2014 state of infections report. https://www.interwest.com/news/press-releases/1013, accessed August 2021). This is despite the fact that malware detection is carried out via numerous detection techniques such as static analysis, behavioural analysis and sand-boxing. Specially, malware detection in the mobile devices has always been a challenging issue, especially on the efficient and open-source Android platform. Since each company acts as an independent entity and there is a proliferation of antivirus products, the rate of detection and effective identification of the malware is slowed down. In this chapter, we try to establish a relation between the different detection products through better communication, faster updating (via the common ledger) and more efficient and accurate detection of malicious programs. The communication is improved as all the nodes (anti-malware agencies) refer to the same blockchain in the consortium network, hence possessing a common record. Combining the malware signature of all entities into one increases the detection of malware, reduces false positive rates via majority voting and speeds up the spread of signature awareness. The resulting system, as proposed in this paper creates an environment that provides a more precise classification of the application file provided by the user. Therefore, in conclusion, incorporating the blockchain technology, with the anti-malware producers as nodes, improves accuracy, merging the security services provided by the blockchain technology.