東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Advanced Techniques to Detect Comple...

Li, Zhiqiang.

Linked to FindBook

Google Book

Amazon

博客來

Advanced Techniques to Detect Complex Android Malware.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Advanced Techniques to Detect Complex Android Malware./
Author:	Li, Zhiqiang.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2020,
Description:	113 p.
Notes:	Source: Dissertations Abstracts International, Volume: 81-10, Section: B.
Contained By:	Dissertations Abstracts International81-10B.
Subject:	Computer science. -
Online resource:	https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=27837893
ISBN:	9798641839219

Advanced Techniques to Detect Complex Android Malware.
Li, Zhiqiang.

Advanced Techniques to Detect Complex Android Malware. - Ann Arbor : ProQuest Dissertations & Theses, 2020 - 113 p.

Source: Dissertations Abstracts International, Volume: 81-10, Section: B.

Thesis (Ph.D.)--The University of Nebraska - Lincoln, 2020.

This item must not be sold to any third party vendors.

Android is currently the most popular operating system for mobile devices in the world. However, its openness is the main reason for the majority of malware to be targeting Android devices. Various approaches have been developed to detect malware. Unfortunately, new breeds of malware utilize sophisticated techniques to defeat malware detectors. For example, to defeat signature-based detectors, malware authors change the malware's signatures to avoid detection. As such, a more effective approach to detect malware is by leveraging malware's behavioral characteristics. However, if a behavior-based detector is based on static analysis, its reported results may contain a large number of false positives. In real-world usage, completing static analysis within a short time budget can also be challenging.Because of the time constraint, analysts adopt approaches based on dynamic analyses to detect malware. However, dynamic analysis is inherently unsound as it only reports analysis results of the executed paths. Besides, recently discovered malware also employs structure-changing obfuscation techniques to evade detection by state-of-the-art systems. Obfuscation allows malware authors to redistribute known malware samples by changing their structures. These factors motivate a need for malware detection systems that are efficient, effective, and resilient when faced with such evasive tactics.In this dissertation, we describe the developments of three malware detection systems to detect complex malware: DroidClassifier, GranDroid, and Obfusifier. DroidClassifier is a systematic framework for classifying network traffic generated by mobile malware. GranDroid is a graph-based malware detection system that combines dynamic analysis, incremental and partial static analysis, and machine learning to provide time-sensitive malicious network behavior detection with high accuracy. Obfusifier is a highly effective machine-learning-based malware detection system that can sustain its effectiveness even when malware authors obfuscate these malicious apps using complex and composite techniques.Our empirical evaluations reveal that DroidClassifier can successfully identify different families of malware with 94.33% accuracy on average. We have also shown GranDroid is quite effective in detecting network-related malware. It achieves 93.0% accuracy, which outperforms other related systems. Lastly, we demonstrate that Obfusifier can achieve 95% precision, recall, and F-measure, collaborating its resilience to complex obfuscation techniques.

ISBN: 9798641839219Subjects--Topical Terms:

523869
Computer science.
Subjects--Index Terms:

Android

Advanced Techniques to Detect Complex Android Malware.
LDR:03673nmm a2200349 4500 001 2275220
005 20201202130437.5
008 220723s2020 ||||||||||||||||| ||eng d
020 $a 9798641839219
035 $a (MiAaPQ)AAI27837893
035 $a AAI27837893
040 $a MiAaPQ $c MiAaPQ
100 1 $a Li, Zhiqiang. $3 1531324
245 1 0 $a Advanced Techniques to Detect Complex Android Malware.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2020
300 $a 113 p.
500 $a Source: Dissertations Abstracts International, Volume: 81-10, Section: B.
500 $a Advisor: Srisa-an, Witawas;Yan, Qiben.
502 $a Thesis (Ph.D.)--The University of Nebraska - Lincoln, 2020.
506 $a This item must not be sold to any third party vendors.
520 $a Android is currently the most popular operating system for mobile devices in the world. However, its openness is the main reason for the majority of malware to be targeting Android devices. Various approaches have been developed to detect malware. Unfortunately, new breeds of malware utilize sophisticated techniques to defeat malware detectors. For example, to defeat signature-based detectors, malware authors change the malware's signatures to avoid detection. As such, a more effective approach to detect malware is by leveraging malware's behavioral characteristics. However, if a behavior-based detector is based on static analysis, its reported results may contain a large number of false positives. In real-world usage, completing static analysis within a short time budget can also be challenging.Because of the time constraint, analysts adopt approaches based on dynamic analyses to detect malware. However, dynamic analysis is inherently unsound as it only reports analysis results of the executed paths. Besides, recently discovered malware also employs structure-changing obfuscation techniques to evade detection by state-of-the-art systems. Obfuscation allows malware authors to redistribute known malware samples by changing their structures. These factors motivate a need for malware detection systems that are efficient, effective, and resilient when faced with such evasive tactics.In this dissertation, we describe the developments of three malware detection systems to detect complex malware: DroidClassifier, GranDroid, and Obfusifier. DroidClassifier is a systematic framework for classifying network traffic generated by mobile malware. GranDroid is a graph-based malware detection system that combines dynamic analysis, incremental and partial static analysis, and machine learning to provide time-sensitive malicious network behavior detection with high accuracy. Obfusifier is a highly effective machine-learning-based malware detection system that can sustain its effectiveness even when malware authors obfuscate these malicious apps using complex and composite techniques.Our empirical evaluations reveal that DroidClassifier can successfully identify different families of malware with 94.33% accuracy on average. We have also shown GranDroid is quite effective in detecting network-related malware. It achieves 93.0% accuracy, which outperforms other related systems. Lastly, we demonstrate that Obfusifier can achieve 95% precision, recall, and F-measure, collaborating its resilience to complex obfuscation techniques.
590 $a School code: 0138.
650 4 $a Computer science. $3 523869
653 $a Android
653 $a Code obfuscation
653 $a Machine learning
653 $a Malicious network behaviors
653 $a Malware
690 $a 0984
710 2 $a The University of Nebraska - Lincoln. $b Computer Science. $3 1035526
773 0 $t Dissertations Abstracts International $g 81-10B.
790 $a 0138
791 $a Ph.D.
792 $a 2020
793 $a English
856 4 0 $u https://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=27837893