Detection, Alert and Response to Malicious Behavior in Mobile Devices: Knowledge-Based Approach

  • Authors:
  • Asaf Shabtai;Uri Kanonov;Yuval Elovici

  • Affiliations:
  • Deutsche Telekom Laboratories at Ben-Gurion University and Department of Information Systems Engineering, Ben-Gurion University, Israel;Deutsche Telekom Laboratories at Ben-Gurion University and Department of Information Systems Engineering, Ben-Gurion University, Israel;Deutsche Telekom Laboratories at Ben-Gurion University and Department of Information Systems Engineering, Ben-Gurion University, Israel

  • Venue:
  • RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
  • Year:
  • 2009

Abstract

In this research, we evaluate a knowledge-based approach for detecting instances of known classes of mobile device malware based on their temporal behavior. The framework relies on a lightweight agent that continuously monitors time-stamped security data within the mobile device and then processes the data using a light version of the Knowledge-Based Temporal Abstraction (KBTA) methodology. The new approach was applied to detecting malware on Google Android-powered devices. Evaluation results demonstrated the effectiveness of the proposed approach.