About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Conference paper
Understanding the Market-Level and Network-Level Behaviors of the Android Malware Ecosystem
Abstract
The prevalence of malware in Android marketplaces is a growing and significant problem. Most existing studies focus on detecting Android malware or designing new security exten-sions to defend against specific types of attacks. In this paper, we perform an empirical study on analyzing the market-level and network-level behaviors of the Android malware ecosystem. We focus on studying whether there are interesting characteristics of those market accounts that distribute malware and specific networks that are mainly utilized by Android malware authors. We further investigate community patterns among Android mal-ware from the perspective of their market account infrastructure and remote server infrastructure. Spurred by these analysis, we design a novel community inference algorithm to find more malicious apps by exploiting their community relationships. By using a small seed set (50) of known malicious apps, we can effectively find another extra 20 times of malicious apps, while maintaining considerable accuracy higher than 94%