| dc.description.abstract | In recent years, smart phones become the target of hackers, because of the popularity and the store of more personal information. Information security tools will collect a lot of information from user′s smart phone and may cause privacy information leakage when it uploads to cloud server for malware analysis. In order to protect user′s privacy information, information security tools need to remove the privacy information from uploading data. Our study aims for spyware, botware, ransomware these three kinds of malware on the Android platform. And proposed a dynamic malware classification system, named ShadowDroid. ShadowDroid will establish a VPN to intercept all network packets to the phone. ShadowDroid collecting all network packets that be detected app and use string matching method to find the privacy information, then de-Identify it to make sure that the uploaded classify data doesn′t contain any personal identifiable information.
At present, malware classification research is classified malware in the malicious family. But the malicious family is malware continue to make the evolution, in order to circumvent the detection or enhance the function. This research will be classified malware, according to their behavioral feature, like ransomware, botware, spyware. To facilitate the user to find suitable measures for the behavior feature. Our classification is based on a certain behavioral feature of the definition. And some malware may be mixed with a malicious behavior of variety malicious types. For example, Xbot contains malicious behavior, such as phishing, and encrypt file to extortion. Therefore, this research will calculate the similarity between the data uploaded from the user′s mobile and the standard feature set of each category. And the classification features do not need any privacy information. Our classification results can be shown similarities between its with each malicious category, thus judging the malicious program may contain malicious behavior. The results show that the classification of the benign app and the three categories of malware is 90% accurate, which is only slightly lower than the 92% accuracy of the malicious family classification. | en_US |