DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Shin, Seungwon | - |
dc.contributor.advisor | 신승원 | - |
dc.contributor.author | Bae, Chanwoo | - |
dc.contributor.author | 배찬우 | - |
dc.date.accessioned | 2017-03-29T02:41:21Z | - |
dc.date.available | 2017-03-29T02:41:21Z | - |
dc.date.issued | 2016 | - |
dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=649703&flag=dissertation | en_US |
dc.identifier.uri | http://hdl.handle.net/10203/221949 | - |
dc.description | 학위논문(석사) - 한국과학기술원 : 정보보호대학원, 2016.2 ,[iv, 30 p. :] | - |
dc.description.abstract | Recently, the popularity of smart phone has dramatically increased and that has lead to move of malware from general computers to mobile devices. By this trend, many researchers conducted studies to detect malicious applications (or application) in mobile device. Detection of android malwares is classified into two methods: (i) static analysis, which investigates the source code of malware to detect the malicious behaviors of malware and (ii) dynamic analysis, which monitors the run-time behaviors of malware to detect its un-allowed operations. Surveying recent works, we have noticed that little of works had been done with dynamic method while we have found plentiful studies with static analysis. This has motivated us to conduct the research which aims to detect Android malware with dynamic method. We have discovered that there are three observable parts for detecting malicious behavior in android application: (i) network, (ii) Android APIs, (iii) Android permissions. The detection system consists of three engines and each of them monitors its own observable part of the application, independently detects malicious behavior. Then, taken the information from three of engines, correlator determines a final decision ("malicious" or "benign"). The multiple engines are designed to complement each other. Finally, we have evaluated with 795 malicious applications and 826 malicious applications (1/2 for train, 1/2 for test). We have proved that our proposed method detected malicious applications at very low rate of error and with very small time overhead. To show its high precision of malware detection, we have measured false positive rate and false negative rate and the rate were very low. By comparing precision rate from each engine and overall precision, we have proved that three engines properly compensate failure of detection each other. | - |
dc.language | eng | - |
dc.publisher | 한국과학기술원 | - |
dc.subject | Android | - |
dc.subject | Malware | - |
dc.subject | Machine Learning | - |
dc.subject | Dynamic Analysis | - |
dc.subject | Malware Analysis | - |
dc.subject | 안드로이드 | - |
dc.subject | 악성코드 | - |
dc.subject | 기계학습 | - |
dc.subject | 동적분석 | - |
dc.subject | 악성행위 분석 | - |
dc.title | (A) collaborative approach on effective and efficient android malware detection | - |
dc.title.alternative | 안드로이드 악성코드의 동적 분석 탐지 방법 연구 | - |
dc.type | Thesis(Master) | - |
dc.identifier.CNRN | 325007 | - |
dc.description.department | 한국과학기술원 :정보보호대학원, | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.