- ALL COMPUTER, ELECTRONICS AND MECHANICAL COURSES AVAILABLE…. PROJECT GUIDANCE SINCE 2004. FOR FURTHER DETAILS CALL 9443117328
Projects > COMPUTER > 2017 > NON IEEE > APPLICATION
Android users are constantly threatened by an increasing number of malicious applications (apps), generically called malware. Malware constitutes a serious threat to user privacy, money, device and file integrity. In this paper we note that, by studying their actions, we can classify malware into a small number of behavioral classes, each of which performs a limited set of misbehaviors that characterize them. These misbehaviors can be defined by monitoring features belonging to different Android levels. In this paper we present MADAM, a novel host-based malware detection system for Android devices which simultaneously analyzes and correlates features at four levels: kernel, application, user and package, to detect and stop malicious behaviors. MADAM has been designed to take into account those behaviors characteristics of almost every real malware which can be found in the wild. MADAM detects and effectively blocks more than 96% of malicious apps, which come from three large datasets with about 2,800 apps, by exploiting the cooperation of two parallel classifiers and a behavioral signature-based detector. Extensive experiments, which also includes the analysis of a testbed of 9,804 genuine apps, have been conducted to show the low false alarm rate, the negligible performance overhead and limited battery consumption.
In existing a “bag of system calls†representation for intrusion detection of system call sequences and describe misuse detection results with widely used machine learning techniques on University of New Mexico (UNM) and MIT Lincoln Lab (MIT LL) system call sequences with the proposed representation. With the feature representation as input, then compare the performance of several machine learning techniques and show experimental results. The results show that the machine learning techniques on simple “bag of system calls†representation of system call sequences is less effective and often perform better than those approaches that use foreign contiguous subsequences for detecting intrusive behaviors of compromised processes.
The main novelty of MADAM is its cross-layer approach, and a novel integration of techniques. It provides high efficacy with low overhead. MADAM has been conceived to prove that a multilevel approach makes it possible to dynamically detect most of current Android malware. To verify that such approach is indeed viable, a large extensive set of tests have been performed to prove empirically its efficacy. MADAM has been proved totally effective against SMS Trojans correctly identifying 40 families of malware. Also underline that, normally, Android does not allow the monitoring of the event of outgoing text messages sent by an app, unless the app developer explicitly declares the notification intent.
