IEEE Transactions on Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing (TDSC) is a bimonthly journal that publishes archival research results focusing on foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. Read the full scope of TDSC


IEEE Transactions on Dependable and Secure Computing (TDSC) has moved to the OnlinePlus publication model.


From the July/August 2015 issue

A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code

By Lei Cen, Christoher S. Gates, Luo Si, and Ninghui Li

Featured article thumbnail imageMobile devices are an important part of our everyday lives, and the Android platform has become a market leader. In recent years a number of approaches for Android malware detection have been proposed, using permissions, source code analysis, or dynamic analysis. In this paper, we propose to use a probabilistic discriminative model based on regularized logistic regression for Android malware detection. Through extensive experimental evaluation, we demonstrate that it can generate probabilistic outputs with highly accurate classification results. In particular, we propose to use Android API calls as features extracted from decompiled source code, and analyze and explore issues in feature granularity, feature representation, feature selection, and regularization. We show that the probabilistic discriminative model also works well with permissions, and substantially outperforms the state-of-the-art methods for Android malware detection with application permissions. Furthermore, the discriminative learning model achieves the best detection results by combining both decompiled source code and application permissions. To the best of our knowledge, this is the first research that proposes probabilistic discriminative model for Android malware detection with a thorough study of desired representation of decompiled source code and is the first research work for Android malware detection task that combines both analysis of decompiled source code and application permissions.

download PDF View the PDF of this article      csdl View this issue in the digital library


Editorials and Announcements

Announcements

Call for Papers


Editorials


Guest Editorials


Reviewers List


Annual Index


Access recently published TDSC articles

RSS Subscribe to the RSS feed of latest TDSC content added to the digital library.

Mail Sign up for the Transactions Connection newsletter.


Swimming with Sharks: Security Roundtable