App behavioral analysis using system calls

Thumbnail Image

Files

843.pdf (2.7 MB)

Links to Files

https://ieeexplore.ieee.org/document/8116425

Permanent Link

10.1109/INFCOMW.2017.8116425
 http://hdl.handle.net/11603/11576

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection

Author/Creator

Author/Creator ORCID

Date

2017-05-01

Type of Work

conference paper pre-print
Text

Department

Program

Citation of Original Publication

Mayank Jaiswal, Yasir Malik, Fehmi Jaafar, "Android gaming malware detection using system call analysis", Digital Forensic and Security (ISDFS) 2018 6th International Symposium on, pp. 1-5, 2018. DOI: 10.1109/INFCOMW.2017.8116425

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
© 2017 IEEE

Subjects

Google
Mobile handsets
Androids
Humanoid robots
Mobile communication
Mobile applications
UMBC Ebiquity Research Group

Abstract

System calls provide an interface to the services made available by an operating system. As a result, any functionality provided by a software application eventually reduces to a set of fixed system calls. Since system calls have been used in literature, to analyze program behavior we made an assumption that analyzing the patterns in calls made by a mobile application would provide us insight into its behavior. In this paper, we present our preliminary study conducted with 534 mobile applications and the system calls made by them. Due to a rising trend of mobile applications providing multiple functionalities, our study concluded, mapping system calls to functional behavior of a mobile application was not straightforward. We use Weka tool with manually annotated application behavior classes and system call features in our experiments, to show that using such features achieves mediocre F1-measure at best. Thus leading to the conclusion that system calls were not sufficient features for mobile application behavior classification.