UBC Theses and Dissertations

An intelligent multi-agent based detection framework for classification of android malware

Alam, Mohammed Shahidul


Smartphones play an important role in our day-to-day activities. Some of them include monitoring our health, such as eating habits, sleep patterns and exercise schedule. The Android mobile operating system developed by Google is currently the most popular operating system for such smart devices. It is also the most vulnerable due to its open nature of software installation, ability to dynamically load code during runtime, and lack of updates to known vulnerabilities even on popular versions of the system. Thus, securing such devices from malware that targets user privacy and monetary resources is paramount. In this thesis, we developed a context-aware, multi-agent-based framework targeted towards protecting Android devices. A malware detection technique has to be context-aware due to the limited battery resources of mobile devices. In some cases, however, battery utilization might become secondary. This includes scenarios where detection accuracy is given a higher priority than battery utilization. Thus, a detection framework has to be intelligent and flexible. To reach this goal, our framework relies on building multiple scalable context-based models, and observing the behaviour patterns of Android devices by comparing them to relevant pre-built models. We make use of machine learning classifiers that are more scalable to help classify features that could be used to detect malware by behaviour analysis. In this framework, the expensive analysis components utilizing machine learning algorithms are pushed to the server side, while agents on the Android client are used mainly for context-aware feature gathering, to transmit the information to server-side classifiers for analysis, and to receive classification results from the server-side agents.


Attribution-NonCommercial-NoDerivatives 4.0 International