Abstract

Android malware has become the topmost threat for the ubiquitous and useful Android ecosystem. Multiple solutions leveraging big data and machine-learning capabilities to detect Android malware are being constantly developed. Too often, these solutions are either limited to research output or remain isolated and incapable of reaching end users or malware researchers. An earlier work named PACE (Platform for Android Malware Classification and Performance Evaluation) was introduced as a unified solution to offer open and easy implementation access to several machine-learning-based Android malware detection techniques, making most of the research in this domain reproducible. The benefits of PACE are offered through three interfaces: a Representational State Transfer (REST) Application Programming Interface (API), a Web Interface, and an Android Debug Bridge (ADB) interface. These multiple interfaces enable users with different expertise, such as IT administrators, security practitioners, and malware researchers, to use the offered services. In this paper, we propose PACER (Platform for Android Malware Classification, Performance Evaluation, and Threat Reporting), which extends PACE by adding threat intelligence and reporting functionality for the end-user device through the ADB interface. A prototype of the proposed platform is introduced, and our vision is that it will help malware analysts and end users to tackle challenges and reduce the amount of manual work.

Highlights

  • Malware binary is a compiled “set of instructions” or a “computer program” written intentionally to perform malicious activities that range from simple pop-up display to unauthorized access of the device [1]

  • In this proposed work (Platform for Android Malware Classification, Performance Evaluation and Threat Reporting (PACER)), we have extended the functionality of PACE by enhancing threat intelligence functionality and providing a proper reporting module for the end-user device

  • The Threat Intelligence Reporting (TIR) module can be developed in two ways: either as a plugin for the existing PACE or as an independent system that accesses PACE scanning through an Application Programming Interface (API)

Summary

Introduction

Malware binary is a compiled “set of instructions” or a “computer program” written intentionally to perform malicious activities that range from simple pop-up display to unauthorized access of the device [1]. The following research works have been done in the direction of providing online services and platforms to perform analysis and classification of Android malware, quite similar to what we propose in this article. The core idea was presented in [15], and this proposed work is a substantial improvement over PACE. In this proposed work (Platform for Android Malware Classification, Performance Evaluation and Threat Reporting (PACER)), we have extended the functionality of PACE by enhancing threat intelligence functionality and providing a proper reporting module for the end-user device. The performance gain and differentiating points of the proposed work, PACER, lie in its capabilities to provide an easy research platform for Android malware detection, generating threat intelligence and effective reporting.

Background
Machine-Learning-Based Android Malware Detection
Static Features-Based Detection
Dynamic Features-Based Detection
Threat Intelligence Reporting
Data Processing
Outdated App Detector
Vulnerability Matcher
PACE: Platform for Android Malware Classification and Performance Evaluation
Report Generator
Class Labeling
Sample Reversal
PACE: Architecture
Models
Feature Set
Pre-Processing
Analysis and Logging
PACE: Interface
REST API
Web Interface
ADB and Memory Dump
Targeted Users
Experimental Setup and Implementation
Dataset
Implementation
Findings
Discussion and Conclusions