Android Malware Detection using Machine Learning : Data-Driven Fingerprinting and Threat Intelligence / by ElMouatez Billah Karbab, Mourad Debbabi, Abdelouahid Derhab, Djedjiga Mouheb.

Format:

Book

Author/Creator:

Karbab, ElMouatez Billah., Author.

Debbabi, Mourad, Author.

Derhab, Abdelouahid., Author.

Mouheb, Djedjiga, Author.

Contributor:

SpringerLink (Online service)

Series:

Computer Science (SpringerNature-11645)

Advances in information security 2512-2193 ; 86

Advances in Information Security, 2512-2193 ; 86

Language:

English

Subjects (All):

Computer networks-Security measures.

Machine learning.

Pattern recognition systems.

Mobile computing.

Mobile and Network Security.

Machine Learning.

Automated Pattern Recognition.

Mobile Computing.

Local Subjects:

Mobile and Network Security.

Machine Learning.

Automated Pattern Recognition.

Mobile Computing.

Physical Description:

1 online resource (XIV, 202 pages) : 81 illustrations, 64 illustrations in color.

Edition:

1st ed. 2021.

Contained In:

Springer Nature eBook

Place of Publication:

Cham : Springer International Publishing : Imprint: Springer, 2021.

System Details:

text file PDF

Summary:

The authors develop a malware fingerprinting framework to cover accurate android malware detection and family attribution in this book. The authors emphasize the following: (1) the scalability over a large malware corpus; (2) the resiliency to common obfuscation techniques; (3) the portability over different platforms and architectures. First, the authors propose an approximate fingerprinting technique for android packaging that captures the underlying static structure of the android applications in the context of bulk and offline detection at the app-market level. This book proposes a malware clustering framework to perform malware clustering by building and partitioning the similarity network of malicious applications on top of this fingerprinting technique. Second, the authors propose an approximate fingerprinting technique that leverages dynamic analysis and natural language processing techniques to generate Android malware behavior reports. Based on this fingerprinting technique, the authors propose a portable malware detection framework employing machine learning classification. Third, the authors design an automatic framework to produce intelligence about the underlying malicious cyber-infrastructures of Android malware. The authors then leverage graph analysis techniques to generate relevant intelligence to identify the threat effects of malicious Internet activity associated with android malware. The authors elaborate on an effective android malware detection system, in the online detection context at the mobile device level. It is suitable for deployment on mobile devices, using machine learning classification on method call sequences. Also, it is resilient to common code obfuscation techniques and adaptive to operating systems and malware change overtime, using natural language processing and deep learning techniques. Researchers working in mobile and network security, machine learning and pattern recognition will find this book useful as a reference. Advanced-level students studying computer science within these topic areas will purchase this book as well.

Contents:

Introduction

Background and Related Work

Fingerprinting Android Malware Packages

Robust Android Malicious Community Fingerprinting

Android Malware Fingerprinting Using Dynamic Analysis

Fingerprinting Cyber-Infrastructures of Android Malware

Portable Supervised Malware Fingerprinting using Deep Learning

Resilient and Adaptive Android Malware Fingerprinting and Detection

Conclusion.

Other Format:

Printed edition:

ISBN:

978-3-030-74664-3

9783030746643

Access Restriction:

Restricted for use by site license.