Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
Taxonomy mobile malware threats and detection techniquescsandit
Since last-decade, smart-phones have gained widespr
ead usage. Mobile devices store personal
details such as contacts and text messages. Due to
this extensive growth, smart-phones are
attracted towards cyber-criminals. In this research
work, we have done a systematic review of
the terms related to malware detection algorithms
and have also summarized behavioral
description of some known mobile malwares in tabula
r form. After careful solicitation of all the
possible methods and algorithms for detection of m
obile-based malwares, we give some
recommendations for designing future malware detect
ion algorithm by considering
computational complexity and detection ration of m
obile malwares.
Comparative Study on Intrusion Detection Systems for Smartphonesiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
“Design and Detection of Mobile Botnet Attacks”iosrjce
A mobile botnet is a type of bot that runs automatically when installed on a mobile phone, which
does not have any anti-malware. The botnet gains complete access over our mobile device. The common
propagation medium for smartphone based botnet attacks are SMS, Bluetooth and Wi-Fi. In our project, we will
demonstrate a SMS-cum-Wi-Fi based mobile botnet using a centralized C&C server. The botmaster initiates
commands to C&C server and the C&C propagates to infected smartphones i.e. bots. We will try to develop a
network which cannot be detected easily and propagates fast. The target of the propagation will be Android
Operating System. For detection, an application is created to detect whether smartphone is working as bot or
not. In this, we guide user about possible botnet attacks.
PhD Writing Assistance has recruited their experts after rigorous assessments and as such they possess high credentials from the to UAE, Saudi, the UK, and the Indian Universities. Quite obviously it is recommended to the PhD students that they should follow all these criteria and get the services from PhD Writing Assistance to attain their desired results.
For More: https://www.phdwritingassistance.com/
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
Taxonomy mobile malware threats and detection techniquescsandit
Since last-decade, smart-phones have gained widespr
ead usage. Mobile devices store personal
details such as contacts and text messages. Due to
this extensive growth, smart-phones are
attracted towards cyber-criminals. In this research
work, we have done a systematic review of
the terms related to malware detection algorithms
and have also summarized behavioral
description of some known mobile malwares in tabula
r form. After careful solicitation of all the
possible methods and algorithms for detection of m
obile-based malwares, we give some
recommendations for designing future malware detect
ion algorithm by considering
computational complexity and detection ration of m
obile malwares.
Comparative Study on Intrusion Detection Systems for Smartphonesiosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
“Design and Detection of Mobile Botnet Attacks”iosrjce
A mobile botnet is a type of bot that runs automatically when installed on a mobile phone, which
does not have any anti-malware. The botnet gains complete access over our mobile device. The common
propagation medium for smartphone based botnet attacks are SMS, Bluetooth and Wi-Fi. In our project, we will
demonstrate a SMS-cum-Wi-Fi based mobile botnet using a centralized C&C server. The botmaster initiates
commands to C&C server and the C&C propagates to infected smartphones i.e. bots. We will try to develop a
network which cannot be detected easily and propagates fast. The target of the propagation will be Android
Operating System. For detection, an application is created to detect whether smartphone is working as bot or
not. In this, we guide user about possible botnet attacks.
PhD Writing Assistance has recruited their experts after rigorous assessments and as such they possess high credentials from the to UAE, Saudi, the UK, and the Indian Universities. Quite obviously it is recommended to the PhD students that they should follow all these criteria and get the services from PhD Writing Assistance to attain their desired results.
For More: https://www.phdwritingassistance.com/
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
To protect sensitive resources from unauthorized use, modern mobile systems, such a Android and iOS,
design a permission-based access control model. However, current model could not enforce fine-grained control
over the dynamic permission use contexts, causing two severe security problems. First, any code package in an
application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps.
Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable
application interactions. Although ad hoc solutions have been proposed, none could systematically solve these
two issues within a unified framework. The first such framework to provide context-sensitive permission
enforcement that regular’s permission use policies according to system-wide application contexts, which cover
both intra-application context and inter-application context. We build a prototype system on Android , named
FineDroid, to track such context during the applicaton execution. To flexibly regulate the context-sensitive
permission rules, FineDroid features a policy framework that could express generic application contexts. We
demonstrate the benefits of FineDroid by instantiating several security extensions based on the policy
framework, for three potential users: end users, administrators and developers. Furthermore, FineDroid is
showed to introduce a minor overhead
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
Experts have been predicting the coming “post PC” era for a few
years. So the question has been, “when will we know that it’s
really here?” A simple answer is, we’ll know it’s really here when
cybercriminals move beyond the PC. By that measure, 2012 is truly
the year we entered the post-PC era as cybercriminals moved to
embrace Android, social media platforms, and even Macs with their
attacks.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
Today's corporate world is part of the battleground fighting against potential threats and attacks. Though the threat landscape is evolving ra pidly, security has usually always caught up to gain the upper hand.
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
Social engineering is a major threat to organizations as more and more companies digitize operations and increase connectivity through the internet. After defining social engineering and the problems it presents, this study offers a critical review of existing protection measures, tools, and policies for organizations to combat cyber security social engineering. Through a systematic review of recent studies published on the subject, our analysis identifies the need to provide training for employees to ensure they understand the risks of social engineering and how best to avoid becoming a victim. Protection measures include awareness programs, training of non-technical staff members, new security networks, software usage, and security protocols to address social engineering threats.
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
End users are increasingly vulnerable to attacks directed at web browsers which make the most of popularity of today’s web services. While organizations deploy several layers of security to protect their systems and data against unauthorised access, surveys reveal that a large fraction of end users do not utilize and/or are not familiar with any security tools. End users’ hesitation and unfamiliarity with security products contribute vastly to the number of online DDoS attacks, malware and Spam distribution. This work on progress paper proposes a design focused on the notion of increased participation of internet service providers in protecting end users. The proposed design takes advantage of three different detection tools to identify the maliciousness of a website content and alerts users through utilising Internet Content Adaptation Protocol (ICAP) by an In-Browser cross-platform messaging system. The system also incorporates the users’ online behaviour analysis to minimize the scanning intervals of malicious websites database by client honeypots. Findings from our proof of concept design and other research indicate that such a design can provide a reliable hybrid detection mechanism while introducing low delay time into user browsing experience.
Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Bo...Editor IJCATR
Among the various forms of malware attacks such as Denial of service, Sniffer, Buffer overflows are the most dreaded threats to computer networks. These attacks are known as botnet attacks and self-propagating in nature and act as an agent or user interface to control the computers which they attack. In the process of controlling a malware, Bot header(s) use a program to control remote systems through internet with the help of zombie systems. Botnets are collection of compromised computers (Bots) which are remotely controlled by its originator (Bot-Master) under a common Command-and-Control (C&C) structure. A server commands to the bot and botnet and receives the reports from the bot. The bots use Trojan horses and subsequently communicate with a central server using IRC. Botnet employs different techniques like Honeypot, communication protocols (e.g. HTTP and DNS) to intrude in new systems in different stages of their lifecycle. Therefore, identifying the botnets has become very challenging; because the botnets are upgrading their methods periodically for affecting the networks. Here, the focus on addressing the botnet detection problem in an Enterprise Network
This research introduces novel Solution to mitigate the malicious activities of Botnet attacks through the Principle of component analysis of each traffic data, measurement and countermeasure selection mechanism called Malware Hunter. This system is built on attack graph-based analytical models based on classification process and reconfigurable through update solutions to virtual network-based countermeasures.
— in distributed computing environment, Mobile agents
are mobile autonomous processes which operate on behalf of
users (e.g., the Internet). These applications include a specialized
search of a middleware services such as an active mail system,
large free-text database, electronic malls for shopping, and
updated networking devices. Mobile agent systems use less
network bandwidth, increase asynchrony among clients and
servers, dynamically update server interfaces and introduce
concurrency. Due to software components, security of mobile
agent is essential in any mobile agent based application. Security
services such as Confidentiality, Integrity, Authentication,
Authorization and Non-Repudiation are discussed and combat
with by the researchers. This work is proposing a new technique
for access control area of security for the mobile agents and it
will be implemented using an example of shopping cart data
sharing for multiple levels.
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
Android smart phone is one of the fast growing mobile phones and because of these it the one of the most preferred target of malware developer. Malware apps can penetrate the device and gain privileges in which it can perform malicious activities such reading user contact, misusing of private information such as sending SMS and can harm user by exploiting the users private data which is stored in the device. The study is about implementation of detecting untrusted on android applications, which would be the basis of all future development regarding malware detection.
The smartphone users worldwide are not aware of the permissions as the basis of all malicious activities that could possibly operate in an android system and may steal personal and private information. Android operating system is an open system in which users are allowed to install application from any unsafe sites. However permission mechanism of and android system is not enough to guarantee the invulnerability of the application that can harm the user. In this paper, the permission scoring-based analysis that will scrutinized the installed permission and allows user to increase the efficiency of Android permission to inform user about the risk of the installed Android application, in this paper, the framework that would classify the level of sensitivity of the permission access by the application. The framework uses a formula that will calculate the sensitivity level of the permission and determine if the installed application is untrusted or not. Our result show that, in a collection of 26 untrusted application, the framework is able to correct and determine the application's behavior consistently and efficiently.
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
To protect sensitive resources from unauthorized use, modern mobile systems, such a Android and iOS,
design a permission-based access control model. However, current model could not enforce fine-grained control
over the dynamic permission use contexts, causing two severe security problems. First, any code package in an
application could use the granted permissions, inducing attackers to embed malicious payloads into benign apps.
Second, the permissions granted to a benign application may be utilized by an attacker through vulnerable
application interactions. Although ad hoc solutions have been proposed, none could systematically solve these
two issues within a unified framework. The first such framework to provide context-sensitive permission
enforcement that regular’s permission use policies according to system-wide application contexts, which cover
both intra-application context and inter-application context. We build a prototype system on Android , named
FineDroid, to track such context during the applicaton execution. To flexibly regulate the context-sensitive
permission rules, FineDroid features a policy framework that could express generic application contexts. We
demonstrate the benefits of FineDroid by instantiating several security extensions based on the policy
framework, for three potential users: end users, administrators and developers. Furthermore, FineDroid is
showed to introduce a minor overhead
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
Experts have been predicting the coming “post PC” era for a few
years. So the question has been, “when will we know that it’s
really here?” A simple answer is, we’ll know it’s really here when
cybercriminals move beyond the PC. By that measure, 2012 is truly
the year we entered the post-PC era as cybercriminals moved to
embrace Android, social media platforms, and even Macs with their
attacks.
Basic survey on malware analysis, tools and techniquesijcsa
The term malware stands for malicious software. It is a program installed on a system without the
knowledge of owner of the system. It is basically installed by the third party with the intention to steal some
private data from the system or simply just to play pranks. This in turn threatens the computer’s security,
wherein computer are used by one’s in day-to-day life as to deal with various necessities like education,
communication, hospitals, banking, entertainment etc. Different traditional techniques are used to detect
and defend these malwares like Antivirus Scanner (AVS), firewalls, etc. But today malware writers are one
step forward towards then Malware detectors. Day-by-day they write new malwares, which become a great
challenge for malware detectors. This paper focuses on basis study of malwares and various detection
techniques which can be used to detect malwares.
Today's corporate world is part of the battleground fighting against potential threats and attacks. Though the threat landscape is evolving ra pidly, security has usually always caught up to gain the upper hand.
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
Social engineering is a major threat to organizations as more and more companies digitize operations and increase connectivity through the internet. After defining social engineering and the problems it presents, this study offers a critical review of existing protection measures, tools, and policies for organizations to combat cyber security social engineering. Through a systematic review of recent studies published on the subject, our analysis identifies the need to provide training for employees to ensure they understand the risks of social engineering and how best to avoid becoming a victim. Protection measures include awareness programs, training of non-technical staff members, new security networks, software usage, and security protocols to address social engineering threats.
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
End users are increasingly vulnerable to attacks directed at web browsers which make the most of popularity of today’s web services. While organizations deploy several layers of security to protect their systems and data against unauthorised access, surveys reveal that a large fraction of end users do not utilize and/or are not familiar with any security tools. End users’ hesitation and unfamiliarity with security products contribute vastly to the number of online DDoS attacks, malware and Spam distribution. This work on progress paper proposes a design focused on the notion of increased participation of internet service providers in protecting end users. The proposed design takes advantage of three different detection tools to identify the maliciousness of a website content and alerts users through utilising Internet Content Adaptation Protocol (ICAP) by an In-Browser cross-platform messaging system. The system also incorporates the users’ online behaviour analysis to minimize the scanning intervals of malicious websites database by client honeypots. Findings from our proof of concept design and other research indicate that such a design can provide a reliable hybrid detection mechanism while introducing low delay time into user browsing experience.
Malware Hunter: Building an Intrusion Detection System (IDS) to Neutralize Bo...Editor IJCATR
Among the various forms of malware attacks such as Denial of service, Sniffer, Buffer overflows are the most dreaded threats to computer networks. These attacks are known as botnet attacks and self-propagating in nature and act as an agent or user interface to control the computers which they attack. In the process of controlling a malware, Bot header(s) use a program to control remote systems through internet with the help of zombie systems. Botnets are collection of compromised computers (Bots) which are remotely controlled by its originator (Bot-Master) under a common Command-and-Control (C&C) structure. A server commands to the bot and botnet and receives the reports from the bot. The bots use Trojan horses and subsequently communicate with a central server using IRC. Botnet employs different techniques like Honeypot, communication protocols (e.g. HTTP and DNS) to intrude in new systems in different stages of their lifecycle. Therefore, identifying the botnets has become very challenging; because the botnets are upgrading their methods periodically for affecting the networks. Here, the focus on addressing the botnet detection problem in an Enterprise Network
This research introduces novel Solution to mitigate the malicious activities of Botnet attacks through the Principle of component analysis of each traffic data, measurement and countermeasure selection mechanism called Malware Hunter. This system is built on attack graph-based analytical models based on classification process and reconfigurable through update solutions to virtual network-based countermeasures.
— in distributed computing environment, Mobile agents
are mobile autonomous processes which operate on behalf of
users (e.g., the Internet). These applications include a specialized
search of a middleware services such as an active mail system,
large free-text database, electronic malls for shopping, and
updated networking devices. Mobile agent systems use less
network bandwidth, increase asynchrony among clients and
servers, dynamically update server interfaces and introduce
concurrency. Due to software components, security of mobile
agent is essential in any mobile agent based application. Security
services such as Confidentiality, Integrity, Authentication,
Authorization and Non-Repudiation are discussed and combat
with by the researchers. This work is proposing a new technique
for access control area of security for the mobile agents and it
will be implemented using an example of shopping cart data
sharing for multiple levels.
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
ANDROID UNTRUSTED DETECTION WITH PERMISSION BASED SCORING ANALYSISijitcs
Android smart phone is one of the fast growing mobile phones and because of these it the one of the most preferred target of malware developer. Malware apps can penetrate the device and gain privileges in which it can perform malicious activities such reading user contact, misusing of private information such as sending SMS and can harm user by exploiting the users private data which is stored in the device. The study is about implementation of detecting untrusted on android applications, which would be the basis of all future development regarding malware detection.
The smartphone users worldwide are not aware of the permissions as the basis of all malicious activities that could possibly operate in an android system and may steal personal and private information. Android operating system is an open system in which users are allowed to install application from any unsafe sites. However permission mechanism of and android system is not enough to guarantee the invulnerability of the application that can harm the user. In this paper, the permission scoring-based analysis that will scrutinized the installed permission and allows user to increase the efficiency of Android permission to inform user about the risk of the installed Android application, in this paper, the framework that would classify the level of sensitivity of the permission access by the application. The framework uses a formula that will calculate the sensitivity level of the permission and determine if the installed application is untrusted or not. Our result show that, in a collection of 26 untrusted application, the framework is able to correct and determine the application's behavior consistently and efficiently.
Android-manifest extraction and labeling method for malware compilation and d...IJECEIAES
Malware is a nuisance for smartphone users. The impact is detrimental to smartphone users if the smartphone is infected by malware. Malware identification is not an easy process for ordinary users due to its deeply concealed dangers in application package kit (APK) files available in the Android Play Store. In this paper, the challenges of creating malware datasets are discussed. Long before a malware classification process and model can be built, the need for datasets with representative features for most types of malwares has to be addressed systematically. Only after a quality data set is available can a quality classification model be obtained using machine learning (ML) or deep learning (DL) algorithms. The entire malware classification process is a full pipeline process and sub processes. The authors purposefully focus on the process of building quality malware datasets, not on ML itself, because implementing ML requires another effort after the reliable dataset is fully built. The overall step in creating the malware dataset starts with the extraction of the Android Manifest from the APK file set and ends with the labeling method for all the extracted APK files. The key contribution of this paper is on how to generate datasets systematically from any APK file.
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
Malware is an application that is harmful to your forensic information. Basically, malware analyses is the process of analysing the behaviours of malicious code and then create signatures to detect and defend against it.Malware, such as Trojan horse, Worms and Spyware severely threatens the forensic security. This research observed that although malware and its variants may vary a lot from content signatures, they share some behaviour features at a higher level which are more precise in revealing the real intent of malware. This paper investigates the various techniques of malware behaviour extraction and analysis. In addition, we discuss the implications of malware analysis tools for malware detection based on various techniques.
SPECIFICATION BASED TESTING OF ON ANDROID SYSTEMSijwmn
With the surging of mobile applications, mobile security draws more and more attentions from researchers
in various areas. Due to the lack of quality assurance approaches in mobile computing, many mobile
applications suffer the vulnerabilities and security flaws. In this paper, we proposed a model based unit
testing approach on the android security properties using JUnit. Both behavior and structure model of the
android application were developed on the Unified Modeling Language (UML) – behavior is described in
state diagram, while structure is described in class diagram. Our approach focus on two common security
groups – the access control and authentication properties. Both groups are represented in the operations
defined in the class diagrams and dynamic behaviors are captured (partially) in the state diagram. A set of
well defined test cases is developed to validate the desired properties based on the class diagram. All
properties on the class diagram and state diagram are described in Object Constraint Language (OCL) – a
formal specification language on the first order logic and set theory.The results of this research will
provide a sound foundation towards the specification based unit testing on mobile security.
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile
device became a must device for persons using information and communication technologies. In addition to
hardware rapid evolution, mobile applications are also increasing in their complexity and performance to
cover most the needs of their users. Both software and hardware design focused on increasing performance
and the working hours of a mobile device. Different mobile operating systems are being used today with
different platforms and different market shares. Like all information systems, mobile systems are prone to
malware attacks. Due to the personality feature of mobile devices, malware detection is very important and
is a must tool in each device to protect private data and mitigate attacks. In this paper, we will study and
analyze different malware detection techniques used for mobile operating systems. We will focus on the to
two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its
advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware
detection tool based on user profiling.
Malware detection techniques for mobile devicesijmnct
Mobile devices have become very popular nowadays, due to is portability and high performance, a mobile device became a must device for persons using information and communication technologies. In addition to hardware rapid evolution, mobile applications are also increasing in their complexity and performance to cover most the needs of their users. Both software and hardware design focused on increasing performance and the working hours of a mobile device. Different mobile operating systems are being used today with different platforms and different market shares. Like all information systems, mobile systems are prone to malware attacks. Due to
the personality feature of mobile devices, malware detection is very important and is a must tool in each device to protect private data and mitigate attacks. In
this paper, we will study and analyze different malware detection techniques used for mobile operating systems. We will focus on the to two competing mobile operating systems – Android and iOS. We will asset each technique summarizing its advantages and disadvantages. The aim of the work is to establish a basis for developing a mobile malware detection tool based on user profiling.
Similar to Review on mobile threats and detection techniques (20)
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Review on mobile threats and detection techniques
1. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
DOI:10.5121/ijdps.2014.5403 21
REVIEW ON MOBILE THREATS AND
DETECTION TECHNIQUES
Lovi Dua and Divya Bansal
Computer Science Department, PEC University of Technology,
Sector 12, Chandigarh 160012, India
ABSTRACT
Since last-decade, smart-phones have gained widespread usage. Mobile devices store personal details
such as contacts and text messages. Due to this extensive growth, smart-phones are attracted towards
cyber-criminals. In this research work, we have done a systematic review of the terms related to malware
detection algorithms and have also summarized behavioral description of some known mobile malwares
in tabular form. After careful solicitation of all the possible methods and algorithms for detection of
mobile-based malwares, we give some recommendations for designing future malware detection algorithm
by considering computational complexity and detection ration of mobile malwares.
KEYWORDS
Smart-phones, Malware, Attacks, Static analysis, Dynamic analysis.
1. INTRODUCTION
Now, there is a thin line difference between Smart-phones, PCs(Personal Computers) and other
newly emerged devices like tabs, notebooks and laptops as all are now connected technologies. Due
to various services like social networking and gaming provided by smart-phones with the help of
applications, these are exposed to gain some confidential information from mobile-devices. Smart-
phone OSs includes symbian, android, palmOS and embedded Linux etc. Android is the popular
platform for smart-phone based malware authors as any third-party vendor can create applications
for android phones and deploy it on android market. Sometimes, even trusted applications are able
to leak user's location and phone's identity and share it on server without its consent. Due to this
growing skill-set of cyber-criminals who device their algorithms for breaching privacy,
embarrassing service-provider and bring inconvenience to the users. So, it requires special care to
secure these networked devices from malwares with the help of anti-developed techniques and
algorithms for detection. This paper focuses on describing mobile-based threats and its counter
detection techniques.
1.1 Current State of Study
This section discusses some current malwares reported by security researcher groups. In
2010,different types of mobile malwares are found including DroidDream, Geinimi, GGTracker,
Plankton Tonclank and HongTouTou. These malwares are much like original Cabir worm.
2. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
22
LookOut security firm reported that over one million of android devices are affected in first half of
2011[21]. In 2012, it is reported by Homeland security department that 79 percent of the mobile
threats were targeted to Android operating systems. In January 2012, Symantec identified Trojan
horse named AndroidCounterclank for stealing information [3]. Security firm Kaspersky found in
2013 that 98 percent of malware was directed at android platform.
1.2 Organization of paper
In this paper section 2 will discuss mobile device attack vectors and types of detection techniques
for mobile malwares. Section3 will discuss detection techniques and algorithms proposed by
various researchers and section 4 will give conclusion by analyzing various techniques proposed by
different researchers followed by some future recommendations.
2. MOBILE MALWARES
Mobile devices are targets to malware authors, as they store sensitive data and connected
technology by means of blue-tooth connectivity, SMS/MMS messages and Wireless LAN
2.1 Mobile Device Threats
Numerous attack vectors exist which compromises security of mobile devices [5]. Three main
categories of attacks could be carried over mobile devices which includes- malware attacks,
grayware attacks and spyware attacks described as:-
2.1.1 Malware - These kind of attacks steal personal data from mobile devices and damage
devices [22]. With device vulnerabilities and luring user to install additional apps, attacker can gain
unauthorized root access to devices. Some of the malware attacks are listed as:-
Bluetooth attacks: With Bluetooth attacks, attacker could insert contacts or SMS messages,
steals victim's data from their devices and can track user's mobile location. Blue-bugging is kind of
blue-tooth attack through which attacker could listen conversations by activating software
including malicious activities [22].
SMS attacks: Through SMS attacks, attacker can advertise and spread phishing links. SMS
messages can also be used by attackers to exploit vulnerabilities [22].
GPS/Location attacks: User's current location and movement can be accessed with global
positioning system (GPS) hardware and then information can be sold to other companies involved
in advertising[22].
Phone jail-breaking: With jail-breaking, an attacker can remove security implications of
operating system like it allows OS to install additional and unsigned applications. Users are
attracted to install them as they could get additional functionality [22].
Premium rate attacks: They posed serious security concerns because premium rate SMS
messages could go unnoticed until attacker faces thousands or dollars of bill on his device as they
don't need permissions to send SMS on premium rated numbers [22].
2.1.2 Grayware: Grayware include applications which collects the data from mobile devices for
marketing purposes. Their intention is make no harm to users but annoy them.
3. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
23
2.1.3 Spyware: Spyware collects personal information from user's phone such as contacts, call
history and location. Personal spyware are able to gain physical access of the device by installing
software without user's consent. By collecting information about victim's phone, they send it to
attacker who installed the app rather than the author of the application.
2.2 Behavioral Classification
Malware may also be classified on the basis of their behavior. Table 1 depicts behavioral
classification of some known malwares as shown below:-
Table 1: Malware Behavioral classification
Malwares Behavior Description Operating System
FlexiSPY Stealing user
credentials
Track user
information emails,
photos, browser
history and then
send it to server.
Symbian, Windows
Mobile and
BlackBerry.
Fake player Content delivery
manipulation
Runs in background
when clicking on
media player
application. Send
SMS Messages to
premium rated
numbers.
Android OS
Zitmo(Zeus In the
Mobile)
Stealing user
credentials
Forwards incoming
SMS messages from
mobile phones to
remote server for
access of bank
accounts.
Android OS
Skuller Content delivery
manipulation
It overwrites system
files without user's
knowledge as a
result smart-phones
would stop working
and had been
switched off.
Symbian OS
Genimi SMS Spam It sends multiple
spam messages
containing phishing
links.
Android OS
Hong Tou Tou Search engine
optimization
Improves website
ranking in search
engines.
Android OS
4. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
24
3. MALWARE DETECTION TECHNIQUES
Malwares must be analyzed in order to understand risk associated with malwares. However, many
detection techniques exist in literature to expose the behavior and functionality of malwares.
Detection techniques are broadly categorized into three types- static analysis, dynamic analysis and
permission-based analysis with different parameters as described in Figure 3.1
3.1 Static analysis
Static analysis investigates downloaded app by inspecting its software properties and source code.
However, obfuscation and encryption techniques embedded in software makes static analysis
difficult. Static analysis is further categorized into two categories- signature-based detection and
behavior-based detection traditionally used by anti-viruses.
Kim et al. [11] proposed framework for detection and monitoring of energy greedy threats by
building power consumption from the collected samples. After generating power signatures, data
analyzer compares them with signatures present in a database. Batyuk et al.[18] proposed system
for static analysis of android applications . First, they provide in-depth static analysis of
applications and present readable reports to user for assessment and taking security relevant
decisions-to install or not to install an application. Then the method is developed to overcome
security threats introduced by the applications by disabling malicious features from them. Ontang
et al.[19] proposed Secure application Interaction Framework (Saint) by extending android
security architecture for protection of interfaces and enhancing interaction policies between calling
and callee applications.
Wei et al.[15] proposed a static feature-based approach and develop system named Droid Mat able
to detect and distinguish android malware . Their mechanism considers the static information
including permissions, intents and regarding components to characterize android malware , clustering
algorithm is applied to enhance malware modeling capability .K-Nearest Neighbor algorithm classify
applications as benign and malicious applications. Finally their results are compared with well
known tool Androguard, published in Blackhat 2011 and it is found that DroidMat is efficient as it
takes only half time than Androguard to predict 1738 applications.
Bose et al. [12] present behavioral detection framework for representation of malware behavior by
observing logical ordering of applications actions. Malicious behavior is discriminated from normal
behavior by training SVM. System is evaluated for both real-world and simulated mobile malwares
with 96% accuracy.
Schmidt et al.[10] describes a method for symbianOS malware analysis called centroid based on
static function call analysis by extracting features from binaries and clustering is applied for
detection of unknown malwares. VirusMeter [9] is proposed to detect anomalous behavior on mobile
devices by catching malwares which are consuming abnormal power .Machine learning algorithms
helped to improve its detection accuracy. pBMDS [20] an approach through which user-behavior is
analyzed by collecting data through logs of key-board operations and LCD displays and then
correlated with system calls to detect anomalous activities. Hidden markov model(HMM) is
5. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
25
leveraged to learn user-behavior and malware behavior for discrimination of differences
between them.
3.2 Dynamic analysis
Dynamic analysis involves execution of application in isolated environment to track its execution
behavior. In contrast to static analysis, dynamic analysis enables to disclose natural behavior of
malware as executed code is analyzed, therefore immune to obfuscation attempts.
Batyuk et al. [8] proposed an android application sandbox (AA Sandbox) system for analysis of
android applications consists of fast static pre-check facility and kernel space sand-box. For
suspicious application detection, both static and dynamic analysis is performed on android
applications. AASandbox takes APK file and list out following files by decompressing them-
Androidmanifest.xml, res/, classes.dex. Manifest file holds security permissions and description of
application. Res/ folder defines layout, graphical user interface (GUI) elements and language of
application. Classes.dex file contains executable code for execution on dalvik virtual machine
which is then de-compiled to java files with baksmali and then code is searched for suspicious
patterns. Monkey program designed for stress testing of applications generates pseudo random
sequences of user-events such as touches and mouse-clicks. It is used to hijack system calls for
logging operation and helpful to get the logging behavior of application at system level. Around
150 applications are collected for testing and evaluation.
Min et al. [13] proposed run-time based behavior dynamic analysis system for android
applications. Proposed system consists of event detector, log monitor and parser. Event trigger is
able to simulate the user's action with static analysis. Static analyzer generates manifest.xml and
java code with the help of application .apk file. Semantic analysis find list of risk based
permissions, activities and services including other information such as hash code and package
name. Data flow analysis creates control flow graph (CFG) of the application by mapping of user-
defined methods and API calling. By running application in a customized emulator with loadable
LKM, sensitive information about application can be captured such as sent SMS , call log and
network data for entry address of system calls. Logs recorded with debugging tool logcat for
sensitive behavior sent to Log parser. Log monitor gathers log data as the application runs and
parser analyzes log data by picking sensitive information and filtering out unnecessary information.
By collecting 350 apps from the Amazon Android Market, results found that about 82 applications
leak private data.
Enack et al. [14] proposed Apps-playground framework for automatic dynamic analysis of android
applications. Designed approach is able to analyze malicious applications in addition to applications
leaking private data from smart-phones without the user's consent. Dynamic analysis should possess
detection techniques including ability to explore application code as much as possible and the
environment should be as much real that malicious application could not obfuscate. Automatic
analysis code integrates the detection, exploration and disguise techniques to explore android
applications effectively. Detection techniques detect the malicious functionality while app is being
executed .It includes taint tracing which monitor sensitive APIs with TaintDroid such as SMS APIs
and kernel level monitoring for tracing of root exploits. Automatic exploration techniques are helpful
for code coverage of applications by simulating events such as location changes and received SMS
6. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
26
so that all application code is covered. Fuzzy testing and intelligent black box execution testing is
used for automatic exploration of android applications. Disguise techniques create realistic
environment by providing data such as International mobile equipment identity(IMEI), contacts,
SMS, GPS coordinates etc.
Enck et al. [7] proposed TaintDroid for dynamic analysis. First dynamic analysis tool used for
system wide analysis of android applications by tracking flow of sensitive information through third-
party applications. TaintDroid integrates multiple granularities at object level i.e, variable, method,
message and file level. It is able to monitor how the sensitive data are used by applications and then
taints are labeled. TaintDroid is tested on around 30 applications and it is found that 15 of them uses
personal information.
3.3 Permission-based analysis
With the help of listed permissions in manifest.xml, various researchers are able to detect
applications malicious behavior. [2]These permissions have the ability to limit application behavior
by controlling over privacy and reducing bugs and vulnerabilities.
Johnson et. al. [16] proposed architecture for automatic downloading of android applications from
the android market. Different algorithms employed for searching of applications such as
downloading applications by application category. With static analysis, required permissions can
be obtained based on its functionality. Permission names are searched in android source code and
then mapped with API calls to know that whether requested permissions are correct or not.
Program examines all smali files of application to obtain list of method calls used in an application.
Each method call is then compared with method call listed in permission protected android API
calls to know exact permissions. Restricted permission set is compared with all the permissions
specified in AndroidManifest.xml file to find out extra permissions, lacking of permissions and
exact permission set required for its functionality.
Zhou et al. [17] proposed DroidRanger for systematic study on overall health of both official and
unofficial Android Markets with the focus on the detection of malicious apps. DroidRanger
leverages a crawler for collection of apps from the Android Market and saved into local repository.
Features extracted from collected apps include requested permissions and author information. Two
different detection engines are used for detection of known and unknown malwares. First detection
engine is permission-based behavioral foot-printing scheme able to distil apps requiring dangerous
permissions such as SEND_SMS and RECEIVE_SMS permissions. Therefore, number of apps to
be processed for second detection engine is reduced. In second step, multiple dimensions for
behavioral foot-printing scheme chosen for listening of all system-wide broadcast messages if they
contains receiver named android.provider.Telephony.SMS_RECEIVED. Obtained callgraph
associates API calls to specific components specified in a rule. For example- by calling
abortBroadCast function with specific rule, a method is obtained to detect apps monitoring
incoming SMS messages. Second detection engine includes some heuristics to detect suspicious
apps and zero-day malwares. Heuristics attempts to dynamically fetch and run code from untrusted
websites which is further monitored during run-time execution to confirm whether it is truly
malicious or not.
7. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
27
Table 2: Summary of Some Mobile Malware Detection Techniques
4. CONCLUSION
Smart-phones are becoming popular in terms of power, sensor and communication. Modern, smart-
phones provide lots of services such as messaging, browsing internet, emailing, playing games in
addition to traditional voice services. Due to its multi-functionality, new security threats are
emerged for mobile devices. In this paper, we presented survey on various techniques for detection
of mobile malware. We have categorized various mobile malware detection techniques based on
features extracted from them and monitoring system calls as they provide us low level information.
We have analyzed that information-flow tracking, API call monitoring and network analysis
provide more deeper analysis and useful information for detection of mobile malware.
5. RECOMMENDATIONS for FUTURE
Following are some recommendations for designing algorithm to detect mobile-based applications
containing malwares.
1. Multiple sources for feature extraction should be used for building feature-set to detect mobile
malwares.
2. There should be national or international database for reporting malware incidents so that
developers are aware of distinct vulnerabilities related to mobile malwares.
8. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
28
3. Artificial intelligence algorithms(neural network-based) should be used to improve detection
ratio.
4. Machine to machine communication and authentications tools must be used in between multiple
device platforms.
REFERENCES
1. F-Secure. Trojan:symbos/yxe, http://www.virus.fi/v-descs/trojan_symbos_yxe.shtml.
2. Manifest.permission,Androiddeveloper,
http://developer.android.com/reference/android/Manifest.permission.html
3. Android.Counterclank Found in Official Android Market,
http://www.symantec.com/connect/fr/blogs/androidcounter
4. M.L.Polla ,F. Martinelli, D.Sgandurra: A Survey on Security for Mobile Devices: Communications
Surveys and Tutorials, pp.446-471.IEEE(2013)
5. McAfee Labs Q3 2011 Threats Report Press Release, 2011,http://www.mcafee.
com/us/about/news/2011/q4/20111121-01.aspx
6. M. Chandramoha, H.Tan: Detection of Mobile Malware in the Wild.:Computer (Volume:45 , Issue: 9
) ,pp.65-71(2012)
7. W.Enck, P. Gilbert, B.G. Chun, L.P.Cox, J.Jung, P.McDaniel, A.P.Sheth: TaintDroid: an information-
ow tracking systemfor realtime privacy monitoring on smart-phones.:In OSDI'10 Proceedings of the
9th USENIX conference on Operating systems design and implementation,pp.1-6 ,USENIX
Association Berkeley, CA,USA (2010 )
8. T.Blasing, L.Batyuk, A.D.Schimdt, S.H.Camtepe, S.Albayrak,:An Android Application Sandbox
System for Suspicious Software Detection.
9. L.Liu,G.Yan, X.Zhang, S.Chen,: VirusMeter: Preventing Your Cell phone from Spies.: Proceedings
of the 12th International Symposium on Recent Advances in Intrusion Detection.,pp.244-264,
Springer-Verlag,Berlin, Heidelberg(2009).
10. A.D.Schmidt, J.H.Clausen,S.H.Camtepe, S.Albayrak: Detecting Symbian OS Malware through
Static Function Call Analysis: In Proceedings of the 4th IEEE International Conference on Malicious
and Unwanted Software,pp.15-22.IEEE(2009).
11. H.Kim, J.Smith, K.G.Shin,:Detecting energy-greedy anomalies and mobile malware variants: In
MobiSys 08: Proceeding of the 6th international conference on Mobile systems, applications, and
services,pp.239-252.ACM,NewYork(2008).
12. A. Bose,X.Hu, K.G.Shin, T.Park: Behavioral detection of malware on mobile handsets:In MobiSys
08: Proceeding of the 6th international conference on Mobile systems, applications, and
services,pp.225-238.,ACM,NewYork(2008).
13. L.Min,Q.Cao: Runtime-based Behavior Dynamic Analysis System for Android Malware Detection:
Advanced Materials Research,pp.2220-2225.
14. V.Rastogi, Y.Chen, W.Enck: AppsPlayground: Automatic Security Analysis of Smartphone
Applications:In CODASPY'13 Proceedings of the third ACM conference on Data and application
security and privacy,pp.209-220.ACM,NewYork(2013)
15. D.J.Wu,C.H.Mao,T.E.Wei,H.M.Lee,K.P.Wu: DroidMat: Android Malware Detection through
Manifest and API Calls Tracing.: In Information Security (AsiaJCIS), 2012 Seventh Asia Joint
Conference ,pp.62-69.IEEE,Tokyo(2012)
16. R.Jhonson, Z.Wang, C.Gagnon, A.Stavrou,: Analysis of android applications' permissions.:In
Software Security and Reliability Companion (SERE-C) Sixth Inter-national Conference,pp.45-
46.IEEE(2012)
17. Y.Zhou,, Z.Wang, W.Zhou,X.Jiang: Hey, You, Get o_ of My Market: Detecting Malicious Apps in
O_cial and Alternative Android Markets: In Proceedings of the 19th Network and Distributed
System Security Symposium,San Diego,CA(2012).
9. International Journal of Distributed and Parallel Systems (IJDPS) Vol.5, No.4, July 2014
29
18. L.Batyuk,M.Herpich,S.A.Camtepe,K.Raddatz,A.D.Schmidt,S.Albayrak:Using static analysis for
automatic assessment and mitigation of unwanted and malicious activities within Android
applications.: In 6th International Conference on Malicious and Unwanted Software,pp.66-72.IEEE
Computer Society(2011)
19. M.Ongtang,S.E.McLaughlin,W.Enck,P.D.McDaniel,:Semantically rich application-centric security
in android:In Proceedings of the 25th Annual Computer Security Application Conference
(ACSAC),pp.340-349(2009)
20. L.Xie, X.Zhang, J.P.Siefert, S.Zhu: pBMDS: a behavior-based malware detection system for
cellphone devices.:In Wisec'10 Proceedings of the third ACM conference on Wireless network
security,Hoboken,pp.37-48.ACM,USA(2010)
21. A.P.Felt ,M.Finifter,E.Chin,S.Hanna,D.Wagner:A survey of mobile malware in the wild.:In
Proceedings of the 1st ACM workshop on Security and privacy in smart phones and mobile
devices,pp.3-14.ACM,NewYork(2011)
22. D.Stites, A.Tadimla :A Survey Of Mobile Device Security: Threats, Vulnerabilities and
Defenses./urlhttp://afewguyscoding.com/2011/12/survey-mobile-device security-threats-
vulnerabilities-defenses.