PBMDS: A behavior-based malware detection system for cellphone devices

Liang Xie, Xinwen Zhang, Jean Pierre Seifert, Sencun Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

103 Scopus citations

Abstract

Computing environments on cellphones, especially smartphones, are becoming more open and general-purpose, thus they also become attractive targets of malware. Cellphone malware not only causes privacy leakage, extra charges, and depletion of battery power, but also generates malicious traffic and drains down mobile network and service capacity. In this work we devise a novel behavior-based malware detection system named pBMDS, which adopts a probabilistic approach through correlating user inputs with system calls to detect anomalous activities in cellphones. pBMDS observes unique behaviors of the mobile phone applications and the operating users on input and output constrained devices, and leverages a Hidden Markov Model (HMM) to learn application and user behaviors from two major aspects: process state transitions and user operational patterns. Built on these, pBDMS identifies behavioral differences between malware and human users. Through extensive experiments on major smartphone platforms, we show that pBMDS can be easily deployed to existing smartphone hardware and it achieves high detection accuracy and low false positive rates in protecting major applications in smartphones.

Original languageEnglish (US)
Title of host publicationWiSec'10 - Proceedings of the 3rd ACM Conference on Wireless Network Security
Pages37-48
Number of pages12
DOIs
StatePublished - 2010
Event3rd ACM Conference on Wireless Network Security, WiSec'10 - Hoboken, NJ, United States
Duration: Mar 22 2010Mar 24 2010

Publication series

NameWiSec'10 - Proceedings of the 3rd ACM Conference on Wireless Network Security

Other

Other3rd ACM Conference on Wireless Network Security, WiSec'10
Country/TerritoryUnited States
CityHoboken, NJ
Period3/22/103/24/10

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'PBMDS: A behavior-based malware detection system for cellphone devices'. Together they form a unique fingerprint.

Cite this