Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/150817
Title: Securing Android app markets via modeling and predicting malware spread between markets
Authors: Meng, Guozhu
Patrick, Matthew
Xue, Yinxing
Liu, Yang
Zhang, Jie
Keywords: Engineering::Computer science and engineering
Issue Date: 2019
Source: Meng, G., Patrick, M., Xue, Y., Liu, Y. & Zhang, J. (2019). Securing Android app markets via modeling and predicting malware spread between markets. IEEE Transactions On Information Forensics and Security, 14(7), 1944-1959. https://dx.doi.org/10.1109/TIFS.2018.2889924
Journal: IEEE Transactions on Information Forensics and Security
Abstract: The Android ecosystem has recently dominated mobile devices. Android app markets, including official Google Play and other third party markets, are becoming hotbeds, where malware originates and spreads. Android malware has been observed to both propagate within markets and spread between markets. If the spread of Android malware between markets can be predicted, market administrators can take appropriate measures to prevent the outbreak of malware and minimize the damages caused by malware. In this paper, we make the first attempt to protect the Android ecosystem by modeling and predicting the spread of Android malware between markets. To this end, we study the social behaviors that affect the spread of malware, model these spread behaviors with multiple epidemic models, and predict the infection time and order among markets for well-known malware families. To achieve an accurate prediction of malware spread, we model spread behaviors in the following fashion: 1) for a single market, we model the within-market malware growth by considering both the creation and removal of malware; 2) for multiple markets, we determine market relevance by calculating the mutual information among them; and 3) based on the previous two steps, we simulate a susceptible infected model stochastically for spread among markets. The model inference is performed using a publicly available well-labeled dataset AndRadar. To conduct extensive experiments to evaluate our approach, we collected a large number (334,782) of malware samples from 25 Android markets around the world. The experimental results show our approach can depict and simulate the growth of Android malware on a large scale, and predict the infection time and order among markets with 0.89 and 0.66 precision, respectively.
URI: https://hdl.handle.net/10356/150817
ISSN: 1556-6013
DOI: 10.1109/TIFS.2018.2889924
Rights: © 2018 IEEE. All rights reserved.
Fulltext Permission: none
Fulltext Availability: No Fulltext
Appears in Collections:SCSE Journal Articles

Page view(s)

39
Updated on Nov 30, 2021

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.