PhD Dissertation Proposal by XU Ke | Advanced Malware Detection for Android Platform

Advanced Malware Detection for Android Platform

As one of the most popular platforms for mobile devices, Android provides a wealth of functionalities to its users. Unfortunately, mobile devices running Android are increasingly targeted by attackers and infected with malware. Android allows for installing applications from unverified sources, which makes distributing malware easy for attackers. Malware running on Android severely violates end users security and privacy, allowing many attacks such as defeating two factor authentication of mobile banking applications, capturing real-time voice calls and leaking sensitive information. More importantly, malware evolves and distributes rapidly. New techniques proposed in the academia have been quickly adopted by malware authors to hide malicious behaviors. Furthermore, detecting malware on mobile devices presents additional challenges compared to desktop/laptop computers: smartphone have limited battery life, making it infeasible to use traditional approaches requiring constant scanning and complex computation. As a consequence, malware detection methods are needed for stopping the proliferation of malware in both Android markets and mobile devices.

In this dissertation proposal, we systematically investigate malicious behaviors from different perspectives and propose effective detection systems. We first target on Inter-Component Communication (ICC) patterns of Android applications and design ICCDetector, which detects malware based on not required resources but ICC patterns. Next, we propose DeepRefiner, an effective detection system combining multiple detection layers in a complementary way to refine the detection performance.