Home // SECURWARE 2017, The Eleventh International Conference on Emerging Security Information, Systems and Technologies // View article

Hugin: A Scalable Hybrid Android Malware Detection System

Authors:
Dominik Teubert
Johannes Krude
Samuel Schueppen
Ulrike Meyer

Keywords: mobile malware detection; app vetting; machine-learning

Abstract:
Mobile operating systems are a prime target of today's malware authors and cyber criminals. In particular, Google's Android suffers from an ever increasing number of malware attacks in the form of malicious apps. These typically originate from poorly policed third-party app stores that fail to vet the apps prior to publication. In this paper, we present Hugin, a machine learning-based app vetting system that uses features derived from dynamic, as well as static analysis and thus falls into the scarcely studied class of hybrid approaches. Hugin is unique with respect to using IPC/RPC monitoring as source for dynamically extracted features. Furthermore, Hugin uses a short (and yet effective) feature vector that leads to a high efficiency in training as well as classification. Our evaluation shows that Hugin achieves a detection accuracy of up to 99.74% on an up-to-date data set consisting of more than 14,000 malware samples and thus, is easily capable of competing with other current systems.

Pages: 168 to 176

Copyright: Copyright (c) IARIA, 2017

Publication date: September 10, 2017

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-582-1

Location: Rome, Italy

Dates: from September 10, 2017 to September 14, 2017