Droid swan
Presentation Structure
01 Why DroidSwan?
02 Android and Malware
03 Building DroidSwan
04 Identifying Features
05 Extracting Features
06 Deriving Feature set
07 DroidSwan Working
08 DroidSwan Performance
Why DroidSwan?
• 98% of all mobile malware applications target Android platform
• 60% decrease in number of malware samples removed from PlayStore
• 338% increase in number of malware samples on Google’s PlayStore
Malware and Android
• Surveillance
• Impersonation
• Data Theft
• Botnet Activity
• Privacy Invasion
Building DroidSwan
• Collecting Malware and Benign data set
• Updating classifier with new data
• Feature set efficiency analysis
• Building classifier model
• Deriving feature set
• Identifying crucial features
Identifying Features
Features:
• Suspicious Permissions
• Suspicious Permission Combinations
• Suspicious API Combinations
• Suspicious Content URI
• Manifest Violation
• Presence of Executables
[Figure: Permissions Usage Trends in Malware Samples]
[Figure: Content URI Usage Trends in Malware Samples; values shown: 80.57%, 40%, 78.8%, 18%]
Extracting Features
Input: APK
Tools: APK Parser, Dexdump, Jar Disassembler
Extracted features:
• Executables in resources
• Suspicious Permissions
• Suspicious permission Combinations
• Suspicious API Combinations
• Suspicious Content URI
• Manifest Violation
Deriving Feature Set
Three variations of the feature set were considered:
• Weighted feature set with ED as a feature
• Weighted feature set without ED as a feature
• Non-Weighted feature set
DroidSwan Working
DroidSwan Performance
• ROC curve
• Recall Rate
• Detection Rate
Our Team
Babu Rajesh V has been working for three years in the field of mobile security and malware analysis. His areas of interest include mobile security and embedded security.
Himanshu Pareek has around six years of experience in developing and designing security solutions related to small sized networks. He has research papers published on topics like malware detection based on behaviour and application modelling.
Mahesh U Patil received a master's degree in electronics and communication. Presently he is working as Principal Technical Officer at CDAC. His research interests include Mobile Security and Embedded Systems.
Phaninder Reddy has been working for two years in the field of mobile security and malware analysis. His areas of interest include machine learning and data analytics.