Volume 9 Number 4 (Apr. 2014)
Home > Archive > 2014 > Volume 9 Number 4 (Apr. 2014) >
JCP 2014 Vol.9(4): 851-858 ISSN: 1796-203X
doi: 10.4304/jcp.9.4.851-858

Behavior Classification based Self-learning Mobile Malware Detection

Dai-Fei Guo1, Ai-Fen Sui1, Yi-Jie Shi2, Jian-Jun Hu1, Guan-Zhou Lin1, and Tao Guo1
1Add-on IT Security, Corporate Technology, Siemens Ltd., China, Wangjing Zhonghuan Nanlu, Chao yang District, P.O.Box 8543, Beijing, 100102, China
2State key laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China


Abstract—More and more mobile malware appears on mobile internet and pose great threat to mobile users. It is difficult for traditional signature-based anti-malware system to detect the polymorphic and metamorphic mobile malware. A mobile malware behavior analysis method based on behavior classification and self-learning data mining is proposed to detect the malicious network behavior of the unknown or metamorphic mobile malware. A network behavior classification module is used to divide the network behavior data of mobile malware into different categories according to the behavior characteristic in the training and detection phase. Three types of network behavior data of mobile malware and normal network access are employed to train the different Naïve Bayesian classifier respectively. Those classifiers are used to analyze the corresponding type of network behavior to detect the new or metamorphic mobile malware. An incremental selflearning method is adopted to gradually optimize those Naïve Bayesian Classifiers for different behavior. The simulation results showed that those Naïve Bayesian Classifiers based on behavior classification have better accuracy rate of analysis on mobile malware network behavior. Performance simulation results showed that the network behavior analysis system based on the proposed method can analyze the mobile malware on mobile internet in real time.

Index Terms—mobile internet, mobile malware, data mining, behavior classification

[PDF]

Cite: Dai-Fei Guo, Ai-Fen Sui, Yi-Jie Shi, Jian-Jun Hu, Guan-Zhou Lin, and Tao Guo, "Behavior Classification based Self-learning Mobile Malware Detection," Journal of Computers vol. 9, no. 4, pp. 851-858, 2014.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat,etc
E-mail: jcp@iap.org
  • Nov 14, 2019 News!

    Vol 14, No 11 has been published with online version   [Click]

  • Mar 20, 2020 News!

    Vol 15, No 2 has been published with online version   [Click]

  • Dec 16, 2019 News!

    Vol 14, No 12 has been published with online version   [Click]

  • Sep 16, 2019 News!

    Vol 14, No 9 has been published with online version   [Click]

  • Aug 16, 2019 News!

    Vol 14, No 8 has been published with online version   [Click]

  • Read more>>