Despite the growing threat posed by Android malware, the research community is still lacking a comprehensive view of common behaviors and trends exposed by malware families active on the platform. Without such view, the researchers incur the risk of developing systems that only detect outdated threats, missing the most recent ones. In this paper, we conduct the largest measurement of Android ma...

With the popularity and increase in the number of smartphone users, the spread of mobile malware on Android platform has increased. Current intelligent terminal based on the Android has occupied most of the market, and the number of malware aiming at Android platform is also increasing with the increase in the smartphone users. The popularity of the smartphones, the large market share of androi...

Malware has become one of the most serious threats to computer information system and the current malware detection technology still has very significant limitations. In this paper, we proposed a malware detection approach by mining format information of PE (portable executable) files. Based on in-depth analysis of the static format information of the PE files, we extracted 197 features from fo...

Remote Attestation (RA) is a popular means of detecting malware presence (or verifying its absence) on embedded and IoT devices. It is especially relevant to low-end devices that are incapable of protecting themselves against infection. Malware that is aware of ongoing or impending attestation and aims to avoid detection can relocate itself during computation of the attestation measurement. In ...

Detection of metamorphic malware is a challenging problem as a result of high diversity in the internal code structure between generations. Code morphing/obfuscation when applied, reshapes malware code without compromising the maliciousness. As a result, signature based scanners fail to detect metamorphic malware. Prior research in the domain of metamorphic malware detection utilizes similarity...

Network or host-based signature scanning approaches alone were proven inadequate against new and emerging malware. We view malicious bots or malware in general as entities stealthily residing on a human user’s computer and interacting with the user’s computing resources. In this existing work we need to improve the trustworthiness of a host and its system data. Specifically, we provide a new me...

Organizations increasingly rely on the confidentiality, integrity and availability of their information and communications technologies to conduct effective business operations while maintaining their competitive edge. Exploitation of these networks via the introduction of undetected malware ultimately degrades their competitive edge, while taking advantage of limited network visibility and the...

While the Web provides much convenience and many people all over the world use it almost every day, it is often misused as a medium for distributing malware without users’ knowledge. Special care is particularly needed with regard to Websites that are popular with users, since their infection with malware can greatly extend the scope of any damage. Damage caused by malware can be minimized by d...

Researchers and commercial companies have made a lot of efforts on detecting malware in Android platform. However, a recent malware threat, App collusion, makes malware detection challenging. In App collusion, two or more Apps collaborate to perform malicious actions by communicating with each other, which makes single App analysis insufficient. In this paper, we first introduce Android securit...