SpotCheck: On-Device Anomaly Detection for Android

02/23/2021
by Mark Vella, et al.

In recent years the PC has been replaced by mobile devices for many security-sensitive operations, both from a privacy and a financial standpoint. While security mechanisms are deployed at various levels, these are frequently put under strain by previously unseen malware. An additional protection layer capable of novelty detection is therefore needed. In this work we propose SpotCheck, an anomaly detector intended to run on Android devices. It samples app executions and submits suspicious apps to more thorough processing by malware sandboxes. We compare Kernel Principal Component Analysis (KPCA) and Variational Autoencoders (VAE) on app execution representations based on the well-known system call traces, as well as a novel approach based on memory dumps. Results show that when using VAE, SpotCheck attains a level of effectiveness comparable to what has been previously achieved for network anomaly detection. Interestingly, this is also true for the memory dump approach, removing the need for continuous app monitoring.


