pBMDS

Liang Xie, Xinwen Zhang, Jean-Pierre Seifert, Sencun Zhu
2010 Proceedings of the third ACM conference on Wireless network security - WiSec '10  
Computing environments on cellphones, especially smartphones, are becoming more open and general-purpose, thus they also become attractive targets of malware. Cellphone malware not only causes privacy leakage, extra charges, and depletion of battery power, but also generates malicious traffic and drains down mobile network and service capacity. In this work we devise a novel behaviorbased malware detection system named pBMDS, which adopts a probabilistic approach through correlating user inputs
more » ... with system calls to detect anomalous activities in cellphones. pBMDS observes unique behaviors of the mobile phone applications and the operating users on input and output constrained devices, and leverages a Hidden Markov Model (HMM) to learn application and user behaviors from two major aspects: process state transitions and user operational patterns. pBMDS then identifies behavioral differences between malware and human users. Through extensive experiments on major smartphone platforms, we show that pBMDS can be easily deployed to existing smartphone hardware and it achieves high detection accuracy and low false positive rates in protecting major applications in smartphones.
doi:10.1145/1741866.1741874 dblp:conf/wisec/XieZSZ10 fatcat:5etf4ufncfchhpznrfgzgui2lu