DroidCheck: Android Malware Detection by Behavioral Techniques and Honeypot

Android, the name is quite enough to show its dominance in the mobile computing world. Android is now the market leader among all its competitors. As, it is the largest shareholder in the market it has become bull’s eye for the attackers. Security is one of the major concerns for android users today. It has become the most viable target of security threats. With the increase in power and features of android applications, the vulnerability for malware attacks has increased. Malware can be detected in two ways either statically or dynamically. Most anti-malware applications use static analysis for detection but they can be easily obfuscated, also they require regular updates. Static analysis use techniques like signature verification which is good for known malware but fails in case of unknown malware. Dynamic analysis means behavioural analysis of malicious application taking into consideration certain parameters like asking for permissions while installation, monitoring system calls, observing network traffic, extracting information from android manifest file. The technique illustrated in this paper not only detects known malware but it is also useful in case of unknown malware. Besides this, it lures more and more malware to attack by using the tool Honeypot. Honeypot helps in maintaining repository of maximum types of malware present in the cyber world. So, by this proposed method we cannot only detect malware but also we can collect unknown and infectious malware as well. Keywords— Behavioural detection, Honeypots, Malicious applications, Malware, Manifest files, Security, Static detection