Detecting Repackaged Android Malware Based on Mobile Edge Computing
The repackaged malware has become one of the most serious problems on Android platform nowadays. To detect repackaged Android malware, recent research has produced extensive approaches and tools, and most of them are done by comparing repackaged apps with the original ones. However, how to choose or...
Saved in:
| Published in | 2018 Sixth International Conference on Advanced Cloud and Big Data (CBD) pp. 360 - 365 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.08.2018
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/CBD.2018.00071 |
Cover
| Abstract | The repackaged malware has become one of the most serious problems on Android platform nowadays. To detect repackaged Android malware, recent research has produced extensive approaches and tools, and most of them are done by comparing repackaged apps with the original ones. However, how to choose original apps is a non-trivial challenge. One possible way is to treat all apps in the official Android market as original apps, while in this way the pairwise comparison is inefficient and time-consuming. In this paper, we propose a novel method to detect repackaged Android malware based on Mobile Edge Computing (MEC). Our main observation is that MEC servers can collect network traffic traces generated by both original and repackaged apps in large degrees, thus we can directly analyze these traffic traces to detect repackaged malware. To be specific, plaintext contents and flow statistical features are extracted from network traffic to calculate similarities between apps. After that, the similarity values are clustered to separate original apps and repackaged malware automatically. We ran a thorough set of experiments to assess the performance of the proposed method. The experimental results show that the proposed method can detect repackaged Android malware at high speed and with high precision. |
|---|---|
| AbstractList | The repackaged malware has become one of the most serious problems on Android platform nowadays. To detect repackaged Android malware, recent research has produced extensive approaches and tools, and most of them are done by comparing repackaged apps with the original ones. However, how to choose original apps is a non-trivial challenge. One possible way is to treat all apps in the official Android market as original apps, while in this way the pairwise comparison is inefficient and time-consuming. In this paper, we propose a novel method to detect repackaged Android malware based on Mobile Edge Computing (MEC). Our main observation is that MEC servers can collect network traffic traces generated by both original and repackaged apps in large degrees, thus we can directly analyze these traffic traces to detect repackaged malware. To be specific, plaintext contents and flow statistical features are extracted from network traffic to calculate similarities between apps. After that, the similarity values are clustered to separate original apps and repackaged malware automatically. We ran a thorough set of experiments to assess the performance of the proposed method. The experimental results show that the proposed method can detect repackaged Android malware at high speed and with high precision. |
| Author | Xu, Bingfeng Zhu, Haiting Zhang, Lu He, Gaofeng |
| Author_xml | – sequence: 1 givenname: Gaofeng surname: He fullname: He, Gaofeng – sequence: 2 givenname: Lu surname: Zhang fullname: Zhang, Lu – sequence: 3 givenname: Bingfeng surname: Xu fullname: Xu, Bingfeng – sequence: 4 givenname: Haiting surname: Zhu fullname: Zhu, Haiting |
| BookMark | eNotjs1Kw0AYRUdQUGu2btzMCyR-8z9ZtmmrQosg3Zf5-RJG0yQkFfHtjejqwj3cw70ll13fISH3DArGoHysVuuCA7MFABh2QbLSWKaE1RaE1Nckm6b3GXFthQRzQ6o1njGcU9fQNxxc-HANRrrs4tinSPeu_XIj0pWb5rbv6L73qUW6iQ3Sqj8Nn7_LO3JVu3bC7D8X5LDdHKrnfPf69FItd3liRp1z4UsZgqnnIzbG6I1TJgoVHA_olfIi1CZIKSMruWc8gAbNNday1AiqFgvy8KdNiHgcxnRy4_fRKgFWG_ED1IxJmA |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/CBD.2018.00071 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9781538680346 1538680343 |
| EndPage | 365 |
| ExternalDocumentID | 8530867 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IL 6IN AAJGR AAWTH ABLEC ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK IEGSK OCL RIB RIC RIE RIL |
| ID | FETCH-LOGICAL-i175t-3b94cc7f0348dddb7a57d35ca2ceb55b3cf7c444d192b12c060626ef496e05f3 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 27 02:51:16 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-3b94cc7f0348dddb7a57d35ca2ceb55b3cf7c444d192b12c060626ef496e05f3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_8530867 |
| PublicationCentury | 2000 |
| PublicationDate | 2018-Aug |
| PublicationDateYYYYMMDD | 2018-08-01 |
| PublicationDate_xml | – month: 08 year: 2018 text: 2018-Aug |
| PublicationDecade | 2010 |
| PublicationTitle | 2018 Sixth International Conference on Advanced Cloud and Big Data (CBD) |
| PublicationTitleAbbrev | CBD |
| PublicationYear | 2018 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0002683407 |
| Score | 1.7049143 |
| Snippet | The repackaged malware has become one of the most serious problems on Android platform nowadays. To detect repackaged Android malware, recent research has... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 360 |
| SubjectTerms | Android Edge computing Feature extraction Malware mobile app mobile edge computing network traffic similarity repackaged malware Servers Smart phones |
| Title | Detecting Repackaged Android Malware Based on Mobile Edge Computing |
| URI | https://ieeexplore.ieee.org/document/8530867 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV09a8MwED2STJ3SNin9RkPHOnEsWbLXfBEKLh1SyBYs6VxCil2CQ6G_vifbSaF06GKMsS2hs_XupPfuAB6s5SFBqfViqbgnBB20dcGKS-0dcU4Y6_TOybNcvIqnVbhqweNRC4OIFfkMB-602su3hdm7pbIhQQt54KoNbfrMaq3WcT0lkBGn4KTJy0gNDSfjqaNuOa6kXynkf6qnVOAx70JyaLbmjGwH-1IPzNevjIz_7dcp9H9keuzlCEBn0ML8HLqHOg2s-W17MJmi2yqgexj526nZ0hximaMyFhvLkvT9M90hGxOeWVbkLCk0TRVsZt-Q1S-jJ_uwnM-Wk4XXFE_wNuQRlB7XsTBGZT4XkbVWqzRUZBeTBgZ1GGpuMmWEEJZcPD0KjE-RTCAxE7FEP8z4BXTyIsdLYEJlMkhdHBZLYVKl-QhRCRyZCIXI1BX03JCsP-r0GOtmNK7_vnwDJ84oNYfuFjrlbo93hOulvq8M-g2pwaGi |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFH5BPOgJFYy_7cGjg7F267jyK6iMeMCEG1nbN0MwmyEQE_96X7cBifHgZVmWdV360n7vtd_3HsCDMdwnKDVOJ5DcEYIuythgxab2DjknjLV652gSjN7E88yfVeBxp4VBxJx8hk17m5_lm0xv7FZZi6CFPHB5AIeE-8Iv1Fq7HRUvCDmFJ2VmRuqq1ev2LXnLsiXdXCO_r5-Sw8ewBtG244I1smxu1qqpv3_lZPzvn51AYy_UY687CDqFCqZnUNtWamDlxK1Dr4_2sIDeYeRxx3pJq4hhlsyYLQyL4o-veIWsS4hmWJayKFO0WLCBeUdWfIxaNmA6HEx7I6csn-AsyCdYO1x1hNYycbkIjTFKxr4ky-jY06h8X3GdSC2EMOTkqbanXYplvAAT0QnQ9RN-DtU0S_ECmJBJ4MU2EusEQsdS8TaiFNjWIQqRyEuo2yGZfxYJMublaFz9_fgejkbTaDwfP01eruHYGqhg1N1Adb3a4C2h_Frd5cb9AVDgpO8 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2018+Sixth+International+Conference+on+Advanced+Cloud+and+Big+Data+%28CBD%29&rft.atitle=Detecting+Repackaged+Android+Malware+Based+on+Mobile+Edge+Computing&rft.au=He%2C+Gaofeng&rft.au=Zhang%2C+Lu&rft.au=Xu%2C+Bingfeng&rft.au=Zhu%2C+Haiting&rft.date=2018-08-01&rft.pub=IEEE&rft.spage=360&rft.epage=365&rft_id=info:doi/10.1109%2FCBD.2018.00071&rft.externalDocID=8530867 |