Logo der Physikalisch-Technischen Bundesanstalt

Intelligent Detection of Mobile Malware

PTB - Kolloquium

Malicious code poses a threat to the security of mobile devices. Numerous mobile applications contain malicious functionality for stealing sensitive data, calling premium numbers or conducting ransom attacks. Unfortunately, the growing amount and diversity of these applications render conventional defenses largely ineffective, as they rely on the manual analysis of novel attacks and the construction of corresponding detection patterns (signatures). In this talk, we take a look at alternative approaches for detecting malicious software. These approaches build on concepts of machine learning and are able to automatically infer indicative patterns for malicious code in mobile applications. We present two methods for the Android platform that are capable of detecting over 90% of malicious code with few false alarms---independent of manually generated rules and patterns. We discuss advantages as well as limitations of this intelligent detection of security threats.