Poster: Aggregated Machine Learning on Indicators of Compromise in Android Devices
San Miguel, John M.
Kline, Megan E.M.
Hallman, Roger A.
Slayback, Scott M.
Chang, Stefanie S.F.
MetadataShow full item record
Malware mitigation for mobile technology is a long-standing problem for which there is not yet a good solution. In this paper, we focus on identifying malicious applications, and verifying the absence of malicious or vulnerable code in applications that agencies seek to utilize. Our analysis toolbox includes static analysis and permissions risk scoring as pre-installation vetting techniques designed to prevent malware from being installed on devices on an enterprise network. However, dynamic code-loading techniques and changing security requirements mean that applications which previously passed the static analysis verification process, and have been installed on devices, may no longer meet security standards, and may be malicious. To identify these apps, and prevent their future malfeasance, we propose a crowd-sourced behavioral analysis (CSBA) technique, using machine learning to identify anomalous activity by examining patterns in power consumption, network behavior, and sequences of system calls. These techniques apply effectively to a single user’s device over time, as well as to individual devices within an enterprise network.
The article of record as published may be found at http://dx.doi.org/10.1145/3243734.3278494
Showing items related by title, author, creator and subject.
Multipersona Hypovisors: Securing Mobile Devices through High-Performance Light-Weight Subsystem Isolation Krishnan, Neelima; Hitefield, Seth; Clancy, T. Charles; McGwier, Robert W.; Tront, Joseph G. (Virginia Tech, 2013-06-28);We propose and detail a system called multipersona Hypovisors for providing light-weight isolation for enhancing security on Multipersona mobile devices, particularly with respect to the current memory constraints of these ...
Sellers, Kristin R. (Monterey, California: Naval Postgraduate School, 2016-09);Computer systems continue to be at risk of attack by malicious software that are attached to email. Email has been determined to be the cause of 80% of computer virus infections. Millions of dollars are lost yearly due to ...
Davis, Donald B. (Monterey California. Naval Postgraduate School, 2013-09);Small submersible vessels have been used for years by nation states, terrorist groups, and criminal organizations to achieve operational objectives. These entities have sought to capitalize on the overriding tactical ...