Android malware activation strategies comparison for dynamic detection
Fecha
2019Autor
Versión
Acceso abierto / Sarbide irekia
Tipo
Trabajo Fin de Grado/Gradu Amaierako Lana
Impacto
|
nodoi-noplumx
|
Resumen
Dynamic malware detection is performed by monitoring system parameters at runtime (i.e., behavior
of applications is monitored as they run on the system). To collect data necessary for the
development of such detection methods, applications need to be run in a controlled environment
and malware need to be properly triggered. Some methods are totally random (i.e., the exerciser
creates a predefine ...
[++]
Dynamic malware detection is performed by monitoring system parameters at runtime (i.e., behavior
of applications is monitored as they run on the system). To collect data necessary for the
development of such detection methods, applications need to be run in a controlled environment
and malware need to be properly triggered. Some methods are totally random (i.e., the exerciser
creates a predefined number of events), while some others are based on GUI models (i.e.,
generated events are generated by using a library of different user interfaces).
Goal of this project is to compare different methods for exercising applications, with the purpose
of verifying that there is a significant difference between the methods. The project was
performed by using already available malware samples and the comparison was performed by
considering results obtained at USI.
Results were obtained sufficient to say that there is a difference in some of the features extracted
while in others is less significant. [--]
Materias
Android,
Malware,
Droidbot,
Dynamic detection,
Linux
Titulación
Graduado o Graduada en Ingeniería Informática por la Universidad Pública de Navarra /
Informatika Ingeniaritzako Graduatua Nafarroako Unibertsitate Publikoan