Dynamic Android Malware Analysis with De-Identification of Personal Identifiable Information

Che Chun Hu, Tzung Han Jeng, Yi Ming Chen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

The rapid performance improvement and versatility of Android smartphone make people's lives more and more dependent on it. Not only making smartphone carry more personal privacy information, but also making it a target for hackers. Many security-prevent tools collect application information from smartphones for application analysis, but this information may cause privacy concerns. This paper proposes a system called ShadowDroid, which uses dynamic analysis technology for Android applications. ShadowDroid establishes a VPN on the smartphone to intercept all the network traffic to collect the data needed for analysis. At the same time, through the method of string matching to find out the private information from the data, and then de-identify it to make sure that the uploaded analysis data does not contain any personal identifiable information. ShadowDroid classifies malicious applications into three types: spyware, botware, and ransomware. Knowing the type of malicious application allows users to find the right response strategy. In addition, for malicious applications that mix multiple malicious behaviors, ShadowDroid calculates the similarity between the uploaded analytical data and the standard feature set of each type, thereby helping the user to determine which malicious behaviors the malicious application may contain. The experiment confirmed that the accuracy of the classification result of ShadowDroid without the privacy information leakage of smartphone users is 90%, only slightly lower than the accuracy of 92% of [1].

Original languageEnglish
Title of host publicationICCBD 2020 - 2020 3rd International Conference on Computing and Big Data
Subtitle of host publicationWorkshop 2020 2nd International Conference on Computer, Software Engineering and Applications, CSEA 2020
PublisherAssociation for Computing Machinery
Pages30-36
Number of pages7
ISBN (Electronic)9781450387866
DOIs
StatePublished - 5 Aug 2020
Event3rd International Conference on Computing and Big Data, ICCBD 2020 and its Workshop the 2020 2nd International Conference on Computer, Software Engineering and Applications, CSEA 2020 - Virtual, Online, Taiwan
Duration: 5 Aug 20207 Aug 2020

Publication series

NameACM International Conference Proceeding Series

Conference

Conference3rd International Conference on Computing and Big Data, ICCBD 2020 and its Workshop the 2020 2nd International Conference on Computer, Software Engineering and Applications, CSEA 2020
Country/TerritoryTaiwan
CityVirtual, Online
Period5/08/207/08/20

Keywords

  • Android
  • Application Classification
  • De-Identification
  • Dynamic Analysis
  • Network Packet

Fingerprint

Dive into the research topics of 'Dynamic Android Malware Analysis with De-Identification of Personal Identifiable Information'. Together they form a unique fingerprint.

Cite this