Please use this identifier to cite or link to this item: http://hdl.handle.net/1946/19500
The exponential growth of the Android platform in the recent years has made it a main target of cyber-criminals. As a result, the amount of malware for Android is constant and rapidly growing. This exponential growth of malware given, there is a need for new detection models designed to specifically target Android malware in order to better protect the end-users and, eventually, to counter the rise of Android malware itself.
We strongly believe that, before starting to address a problem, we firstly need to understand it deeply. Thus, in this work of thesis, we firstly investigate the current state-of-the-art of Android and Android malware, presenting a classification and characterisation of the current "in the wild" Android malware. Afterwards, we investigate possible detection models that can be applied to secure Android devices from the major classes of threats. As a result, we present VirIT Mobile Security, a mobile security solution specifically designed and developed to counter Android malware. VirIT Mobile Security has been designed and developed in collaboration with and commercialised by TG Soft, an Italian antivirus firm. In particular, we propose two different approaches together, the first being a reactive approach done with the use of a signature-based detection model and used to detect whether a mobile device is infected or not. The latter one, instead, is a proactive approach used to spot zero-day or next-generation malware as they emerge.
As to test VirIT Mobile Security, we use different experiments, one for each detection mechanism developed. Experimental results show that our signature-based detection system was able to properly detect and remove 95.95% of the malware in our test, while our Permission-based Malware Detection System (PMDS) was able to detect more than 94% of previously unseen malware. Finally, our behavioural detection system was able to spot and report back to the Anti-Malware Research Center of TG Soft (CRAM) 75% of the zero-day or next-generation malware in our test.
|Developing a next-generation Mobile Security solution for Android - Paolo Rovelli.pdf||6.88 MB||Open||Complete Text||View/Open|