BEHAVIOR-BASED DETECTION: AN APPROACH FOR SECURING ANDROID SYSTEMS AGAINST ZERO-DAY MALWARE ATTACKS
Keywords:
Android, Attacks, Behaviour-based detection, Exploit, Malware, Signature-based detection, Smartphones, Vulnerability, Zero-Day.
Abstract
We present behaviour-based detection as an approach to mitigating zero-day attacks on Android. The motivation is the drawbacks of the signature-based approach commonly used in most antivirus engines. The signature-based approach requires the analysis and storage of signature strings of malware, against which new attacks are compared. This makes it impossible to detect new attacks whose signatures have not yet been obtained. For these attacks to be detected, patches must be developed for them. Such unknown attacks are referred to as zero-day attacks. Moreover, developing patches takes time, creating a vulnerability window that could be exploited; hence there is a need to detect zero-day attacks in real time. To demonstrate the capability of detecting zero-day attacks, dynamic analysis of applications was adopted in this research. A detection system was developed for the Android system, and features were extracted from the device and used to analyze the behaviour of the system. The K-Nearest Neighbour (KNN) classifier was used, and results showed that this approach has 93.75% accuracy and a 6.25% error rate. The Area Under Curve (AUC) of the Receiver Operating Characteristics (ROC) stands at 0.996 out of 1. This result shows that behavioural detection holds promise for malware detection with respect to zero-day detection. It is recommended that the features be extended to include features at a lower level of granularity that represent system-wide behaviour. In addition, this approach should be adopted by other mobile platforms besides Android.
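The contrast the abstract draws, as an added example that is not code or data from the paper: a signature lookup misses a sample it has never seen, while a KNN classifier over runtime behaviour still flags it, and the same metrics (accuracy, error rate, ROC AUC) are computed on a held-out set. The feature names, all sample values and the byte strings are constructed assumptions; the paper's feature set is not listed on this page, and the scores here are not its results.

```python
import hashlib
import math

# Constructed training set. Feature names are hypothetical (not the paper's):
# (cpu_percent, sms_sent_per_min, net_kb_per_min, background_services) -> 1 = malicious
TRAIN = [
    ((12, 0, 40, 3), 0), ((18, 1, 65, 4), 0), ((9, 0, 20, 2), 0), ((22, 0, 90, 5), 0),
    ((71, 9, 480, 11), 1), ((64, 12, 390, 9), 1), ((80, 7, 610, 12), 1), ((58, 10, 350, 10), 1),
]
# Constructed held-out behaviour samples with ground-truth labels.
TEST = [((15, 0, 55, 3), 0), ((20, 1, 70, 4), 0), ((68, 8, 450, 10), 1), ((75, 11, 520, 12), 1)]

# Signature store: hashes of malware that has already been analysed (constructed).
KNOWN_SIGNATURES = {hashlib.sha256(b"known-malware-sample-A").hexdigest()}
# Constructed "zero-day": its bytes are not in the store, its behaviour is malware-like.
ZERO_DAY_APK, ZERO_DAY_BEHAVIOUR = b"never-seen-sample-Z", (66, 9, 430, 10)

def signature_match(apk_bytes):
    """Signature-based check: only detects samples whose hash is already stored."""
    return hashlib.sha256(apk_bytes).hexdigest() in KNOWN_SIGNATURES

def _scale(train):
    # Per-feature (min, span) so no single feature dominates the distance.
    cols = list(zip(*(x for x, _ in train)))
    return [(min(c), max(c) - min(c) or 1) for c in cols]

def _norm(x, scale):
    return [(v - lo) / span for v, (lo, span) in zip(x, scale)]

def knn_score(x, train=TRAIN, k=3):
    """Fraction of the k nearest training points (Euclidean) that are malicious."""
    scale = _scale(train)
    q = _norm(x, scale)
    nearest = sorted(train, key=lambda t: math.dist(q, _norm(t[0], scale)))[:k]
    return sum(label for _, label in nearest) / k

def classify(x, k=3):
    return int(knn_score(x, k=k) > 0.5)

def evaluate(test, k=3):
    """Return (accuracy, error_rate, roc_auc); AUC via pairwise score comparison."""
    preds = [classify(x, k) for x, _ in test]
    acc = sum(p == y for p, (_, y) in zip(preds, test)) / len(test)
    scores = [(knn_score(x, k=k), y) for x, y in test]
    pos = [s for s, y in scores if y == 1]
    neg = [s for s, y in scores if y == 0]
    wins = sum((p > n) + 0.5 * (p == n) for p in pos for n in neg)
    return acc, 1 - acc, wins / (len(pos) * len(neg))
```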
FUDMA Journal of Sciences