Malware Detection in Smartphone Using Hidden Markov Model

被引:6
作者
Xin, Kejun [1 ]
Li, Gang [1 ]
Qin, Zhongyuan [2 ,3 ]
Zhang, Qunfang [4 ]
机构
[1] Nanjing Sample Technol Co Ltd, Nanjing, Jiangsu, Peoples R China
[2] Southeast Univ, Informat Sci & Engn Sch, Nanjing, Jiangsu, Peoples R China
[3] Minist Publ Secur, Key Lab Informat Network Secur, Shanghai, Peoples R China
[4] Nanjing Inst Artillery Corps, Dept Comp, Nanjing, Jiangsu, Peoples R China
来源
2012 FOURTH INTERNATIONAL CONFERENCE ON MULTIMEDIA INFORMATION NETWORKING AND SECURITY (MINES 2012) | 2012年
关键词
smartphone malware; behavior detection; system function calls; Hidden Markov Model(HMM);
D O I
10.1109/MINES.2012.134
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
In recent years, smart phone technology is becoming increasingly popular. The dangers of mobile phone malwares are becoming more and more serious. In this paper we present a new mobile smartphone malware detection scheme based on Hidden Markov Model (HMM) which is different from the traditional signature scanning methods. Firstly, we monitor the key press and system function call sequence, and take the key press as hidden state. After decoding HMM model, abnormal process can be detected using the matching rate of HMM output to the actual key press sequence. The experimental results demonstrate that the proposed method can effectively detect mobile malwares.
引用
收藏
页码:857 / 860
页数:4
相关论文
共 4 条
  • [1] Oberheide Jon, 2008, THE FIRST WORKSHOP O
  • [2] Pang YQ, 2012, PROCEEDINGS OF THE 2012 INTERNATIONAL WORKSHOP ON METAMATERIALS (META)
  • [3] Qin Zhongyuan, 2011, 3TH INTERNATIONAL CO
  • [4] Detecting intrusions using system calls: Alternative data models
    Warrender, C
    Forrest, S
    Pearlmutter, B
    [J]. PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, : 133 - 145
1