Research Article
BibTex RIS Cite

Android Kötücül Yazılım Tespit Sistemleri İncelemesi

Year 2017, Volume: 5 Issue: 1, 281 - 298, 30.01.2017

Abstract

Akıllı telefonların hayatımıza girmesiyle birlikte akıllı telefonları kullanan kullanıcı sayısı her geçen gün artarak devam etmektedir. Akıllı telefonların fazla talep görmesindeki neden, insanların bir cihazla istedikleri işleri tek dokunuşla kolaylıkla yapabilmesidir. International Data Corporation (IDC) firmasının 2016 2. çeyrek raporuna göre; akıllı telefon pazarında Android %87.6 gibi çok yüksek bir paya sahiptir [1]. Android'in akıllı telefon kullanan kullanıcılar arasında popüler olması ile birlikte açık kaynaklı bir yapıya sahip olması ve markete uygulama yüklenirken detaylı olarak kötücül yazılım incelenmesi yapılmadığından dolayı Android platformu kötü niyetli kişilerin bir numaralı hedefi haline gelmiştir. Android market ve diğer alternatif Android marketlerde kötü niyetli uygulamaların sayısı her geçen gün artmaktadır. G Data'nın 2015 1. Çeyrek raporuna göre; kötücül yazılımların %50.3 finansal amaçlıdır [2]. Finansal amaçlı olmasındaki neden Avrupa kıtasındaki kullanıcıların %41'nin banka işlemlerini akıllı telefonlarını kullanarak yapmasıdır [2]. Bu yüzden Android marketlerde bulunan uygulamaların kötücül olup olmadığını tespit etmek için etkin kötücül yazılım tespiti yapan sistemlere ihtiyaç vardır. Bu çerçevede bu çalışmada kötücül yazılım tespit sistemleri anlatılmıştır. 

References

  • Anonim, http://www.idc.com/prodserv/smartphone-os-market-share.jsp (Erişim tarihi: 06 Aralık, 2016).
  • Anonim, https://public.gdatasoftware.com/Presse/Publikationen/Malware_ Reports/ G_DATA _MobileMWR_Q1_2015_US.pdf (Erişim tarihi: 06 Aralık, 2016).
  • Anonim,http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visualnetworking-index-vni/mobile-white-paper-c11-520862.html (Erişim tarihi: 06 Aralık, 2016).
  • B. Rashidi, C. Fung, E. Bertino, Comput. & Secur. 65 (2017) 90-107. Anonim,http://www.mcafee.com/us/resources/reports/rp-mobile-threat-report-2016.pdf (Erişim tarihi: 20 Ocak 2017) Anonim, https://www.fsecure.com/documents/996508/1030743/Mobile_Threat_Report https://www.fsecure.com/documents/996508/1030743/Mobile_Threat_Report_Q1_2014.pdf (Erişim tarihi: 06 Aralık, 2016)
  • Anonim, http://developer.Android.com/guide/topics/security/permissions.html#normaldangerous (Erişim tarihi: 06 Aralık, 2016).
  • A. Shabtai, L. Tenenboim-Chekina, D. Mimran, L. Rokach, B. Shapira, Y. Elovici Comput. & Secur. 43 (2014) 1-18. A. Feizollah, N. B. Anuar, R. Salleh, A. W. A. Wahab Digit. Invest. 13 (2015) 22-37.
  • S. Sheen, R. Anitha, V. Natarajan Neurocomputing 151 (2015) 905-912.
  • M. Magdum, S. K. Wagh Int. J. Comput. Sci. Inf. Secur. (IJCSIS) 14 (2016).
  • K. O. Elish, X. Shu, D. D. Yao, B. G. Ryder, X. Jiang, Comput. & Secur. 49 (2015) 255–273.
  • A. T. Kabakuş, İ. A. Dogru, A. Çetin, Digit. Invest. 13 (2015) 1-14
  • 298
  • J. Choi, W. Sung, C. Choi, P. Kim Pervasive Mob. Comput. 24 (2015) 138-149.
  • M. K. Alzaylaee, S. Y. Yerima, S. Sezer DynaLog: An automated dynamic analysis framework for characterizing Android applications, 2016 International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2016), Londra-İngiltere, (2016) 1-8.
  • Z. Yuan, Y. Lu, Y. Xue Tsinghua Sci. Tech. 21 (2016) 114-123.
  • L. Gheorghe, B. Marin, G. Gibson, L. Mogosanu, R. Deaconescu, V.-G. Voiculescu, M. Carabas, Secur. Comm. Networks 8 (2015) 4254-4272
  • P. Wang, Y-S. Wang J. Comput. Sys. Sci. 81 (2015) 1012-1026.
  • T. Blasing, L. Batyuk, A-D. Schmidt, S. A. Camtepe, S. Albayrak An Android application sandbox system for suspicious software detection, 5th International Conference on Malicious and Unwanted Software (MALWARE), Nancy -Fransa, (2010) 55-62.
  • X. Wei , L. Gomez, I. Neamtiu, M. Faloutsos Profiledroid: multi-layer profiling of Android applications, 18th annual international conference on Mobile computing and networking, İstanbul -Türkiye, (2012) 137-148.
  • F. Tong, Z. Yan (2016) DOI: 10.1016/j.jpdc.2016.10.012.
  • M-Y. Su, K-T. Fung, Y-H. Huang, M-Z. Kang, Y-H. Chung Detection of Android Malware: Combined with Static Analysis and Dynamic Analysis, The 2016 International Conference on High Performance Computing & Simulation (HPCS 2016), Innsbruck-Avusturya, (2016) 1013-1018.
  • M. Spreitzenbarth, T. SchreckFlorian, E. Arp, J. Hoffmann (2014) DOI: 10.1007/s10207014-0250-0.
  • R. Pandita, X. Xiao, W. Yang, W. Enck, T. Xie Whyper: towards automating risk assessment of mobile applications, 22nd USENIX Security Symposium, Washington, D.C.-Amerika, (2013).
  • S. Chakradeo, B. Reaves, P. Traynor, W. Enck, MAST: Triag e for Market-scale Mobile Malware Analysis, WiSec’13 (2013), Budapeşte-Macaristan.
  • P. Teufl, M. Ferk, A. Fitzek, D. Hein, S. Kraxberger, C. Orthacker (2013) DOI: 10.1002/sec.675.

Android Malware Detection Systems Review

Year 2017, Volume: 5 Issue: 1, 281 - 298, 30.01.2017

Abstract

With the smartphones entering our lives, the number of smartphones continues to increase day by day. The reason why smartphones are in so demand is that people can easily do what they want. According to IDC's 2016 Q2 report, Android dominated the smartphone market with an 87.6% share [1]. The Android platform has become the number one target of malicious people because of Android has an open source and new application installation has not been analyzed in detail. Therefore, the number of Android malicious applications are also increasing every day on Google Play and alternative Android application markets. According to G Data's 2015 Q1 mobile malware report, 50.3% of malware is for financial purposes [2]. The reason is that 41% of Europe's users use their devices for banking transactions [2]. Hence, there is need for effective malware detection systems which are detect malicious software on Android application markets. In this paper, malicious software detection systems will be explained. 

References

  • Anonim, http://www.idc.com/prodserv/smartphone-os-market-share.jsp (Erişim tarihi: 06 Aralık, 2016).
  • Anonim, https://public.gdatasoftware.com/Presse/Publikationen/Malware_ Reports/ G_DATA _MobileMWR_Q1_2015_US.pdf (Erişim tarihi: 06 Aralık, 2016).
  • Anonim,http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visualnetworking-index-vni/mobile-white-paper-c11-520862.html (Erişim tarihi: 06 Aralık, 2016).
  • B. Rashidi, C. Fung, E. Bertino, Comput. & Secur. 65 (2017) 90-107. Anonim,http://www.mcafee.com/us/resources/reports/rp-mobile-threat-report-2016.pdf (Erişim tarihi: 20 Ocak 2017) Anonim, https://www.fsecure.com/documents/996508/1030743/Mobile_Threat_Report https://www.fsecure.com/documents/996508/1030743/Mobile_Threat_Report_Q1_2014.pdf (Erişim tarihi: 06 Aralık, 2016)
  • Anonim, http://developer.Android.com/guide/topics/security/permissions.html#normaldangerous (Erişim tarihi: 06 Aralık, 2016).
  • A. Shabtai, L. Tenenboim-Chekina, D. Mimran, L. Rokach, B. Shapira, Y. Elovici Comput. & Secur. 43 (2014) 1-18. A. Feizollah, N. B. Anuar, R. Salleh, A. W. A. Wahab Digit. Invest. 13 (2015) 22-37.
  • S. Sheen, R. Anitha, V. Natarajan Neurocomputing 151 (2015) 905-912.
  • M. Magdum, S. K. Wagh Int. J. Comput. Sci. Inf. Secur. (IJCSIS) 14 (2016).
  • K. O. Elish, X. Shu, D. D. Yao, B. G. Ryder, X. Jiang, Comput. & Secur. 49 (2015) 255–273.
  • A. T. Kabakuş, İ. A. Dogru, A. Çetin, Digit. Invest. 13 (2015) 1-14
  • 298
  • J. Choi, W. Sung, C. Choi, P. Kim Pervasive Mob. Comput. 24 (2015) 138-149.
  • M. K. Alzaylaee, S. Y. Yerima, S. Sezer DynaLog: An automated dynamic analysis framework for characterizing Android applications, 2016 International Conference on Cyber Security and Protection of Digital Services (Cyber Security 2016), Londra-İngiltere, (2016) 1-8.
  • Z. Yuan, Y. Lu, Y. Xue Tsinghua Sci. Tech. 21 (2016) 114-123.
  • L. Gheorghe, B. Marin, G. Gibson, L. Mogosanu, R. Deaconescu, V.-G. Voiculescu, M. Carabas, Secur. Comm. Networks 8 (2015) 4254-4272
  • P. Wang, Y-S. Wang J. Comput. Sys. Sci. 81 (2015) 1012-1026.
  • T. Blasing, L. Batyuk, A-D. Schmidt, S. A. Camtepe, S. Albayrak An Android application sandbox system for suspicious software detection, 5th International Conference on Malicious and Unwanted Software (MALWARE), Nancy -Fransa, (2010) 55-62.
  • X. Wei , L. Gomez, I. Neamtiu, M. Faloutsos Profiledroid: multi-layer profiling of Android applications, 18th annual international conference on Mobile computing and networking, İstanbul -Türkiye, (2012) 137-148.
  • F. Tong, Z. Yan (2016) DOI: 10.1016/j.jpdc.2016.10.012.
  • M-Y. Su, K-T. Fung, Y-H. Huang, M-Z. Kang, Y-H. Chung Detection of Android Malware: Combined with Static Analysis and Dynamic Analysis, The 2016 International Conference on High Performance Computing & Simulation (HPCS 2016), Innsbruck-Avusturya, (2016) 1013-1018.
  • M. Spreitzenbarth, T. SchreckFlorian, E. Arp, J. Hoffmann (2014) DOI: 10.1007/s10207014-0250-0.
  • R. Pandita, X. Xiao, W. Yang, W. Enck, T. Xie Whyper: towards automating risk assessment of mobile applications, 22nd USENIX Security Symposium, Washington, D.C.-Amerika, (2013).
  • S. Chakradeo, B. Reaves, P. Traynor, W. Enck, MAST: Triag e for Market-scale Mobile Malware Analysis, WiSec’13 (2013), Budapeşte-Macaristan.
  • P. Teufl, M. Ferk, A. Fitzek, D. Hein, S. Kraxberger, C. Orthacker (2013) DOI: 10.1002/sec.675.
There are 24 citations in total.

Details

Journal Section Articles
Authors

Ömer Kiraz This is me

İbrahim Alper Doğru This is me

Publication Date January 30, 2017
Published in Issue Year 2017 Volume: 5 Issue: 1

Cite

APA Kiraz, Ö., & Doğru, İ. A. (2017). Android Malware Detection Systems Review. Duzce University Journal of Science and Technology, 5(1), 281-298.
AMA Kiraz Ö, Doğru İA. Android Malware Detection Systems Review. DUBİTED. January 2017;5(1):281-298.
Chicago Kiraz, Ömer, and İbrahim Alper Doğru. “Android Malware Detection Systems Review”. Duzce University Journal of Science and Technology 5, no. 1 (January 2017): 281-98.
EndNote Kiraz Ö, Doğru İA (January 1, 2017) Android Malware Detection Systems Review. Duzce University Journal of Science and Technology 5 1 281–298.
IEEE Ö. Kiraz and İ. A. Doğru, “Android Malware Detection Systems Review”, DUBİTED, vol. 5, no. 1, pp. 281–298, 2017.
ISNAD Kiraz, Ömer - Doğru, İbrahim Alper. “Android Malware Detection Systems Review”. Duzce University Journal of Science and Technology 5/1 (January 2017), 281-298.
JAMA Kiraz Ö, Doğru İA. Android Malware Detection Systems Review. DUBİTED. 2017;5:281–298.
MLA Kiraz, Ömer and İbrahim Alper Doğru. “Android Malware Detection Systems Review”. Duzce University Journal of Science and Technology, vol. 5, no. 1, 2017, pp. 281-98.
Vancouver Kiraz Ö, Doğru İA. Android Malware Detection Systems Review. DUBİTED. 2017;5(1):281-98.