AUTOMATED MALWARE DETECTION FOR ANDROID AMDA

The Android platform is the fastest growing market in smartphone operating systems to date. As such, it has become the most viable target of security threats. The reliance of the Android Market Security Model on its reactive anti-malware system presents an opportunity for malware to be present in the Official Android Market and does not encompass applications outside the official market. This allows applications to masquerade as harmless applications which lead to the loss of credentials if precautions are not taken. Most anti-malware applications in the Market use static analysis for detection because it is fast and relatively simple. However, static analysis requires regular updates of threat databases and it may be circumvented by obfuscation techniques. As a solution to these problems, the study utilizes behavior analysis of applications as basis for malware. As a first step, features of known-benign and known-malicious applications are extracted for machine learning to provide baseline behavior datasets. Test applications are then passed through the behavior based module for identification of its being malware or benign. A classification scheme is provided for applications identified as malware by the system.