|
|
November 2021 Issue Vol.11 No.11
A Survey on Scalability of source code analysis in malware detection using KOTLIN for Android Application
https://ia601505.us.archive.org/31/items/vol11no1101/vol11no1101.pdf
Dr.A.Edwin Robert
Assistant professor,Department of Computer Science
SMS College of Arts and Science, Coimbatore
Abstract:
Abstract— Smart devices are built on a foundation of software components from a variety of vendors. While critical applications may undergo extensive testing and evaluation procedures, the heterogeneity of software sources threatens the integrity of the execution environment for android based application programs. For instance, if an attacker can combine an application exploit with privilege escalation vulnerability, the operating system (OS) can become corrupted. The importance of ensuring application integrity has been studied in existing work . In the proposed work stops the application once corruption is detected. Mandatory Access Control (MAC) in an Android based operating system to tackle malware problem is a grand challenge but also a promising approach. The firmest barriers to apply MAC to defeat malware programs are the incompatible ,unusable and more comples problems in an existing MAC systems. To address these issues, we manually analyse 2000 malware samples and component one by one and two types of MAC enforced operating systems, and then designed a novel Efficient Malware Detection and Tracer design (EMDT) using Hidden Markov model, which incorporates intrusion detection and tracing in an commercial mobile operating system which leverages efficient coding and authentication schemes. The proposed approach conceptually consists of three actions: detecting, tracing, and restricting suspected intruders .The novelty of the proposed work is that it leverages light-weight intrusion detection and tracing techniques to automate security label configuration that is widely acknowledged as a tough issue when applying a MAC system in practice. The other is that, rather than restricting information flow as a traditional MAC does, it traces intruders and restricts only their critical malware behaviours, where intruders represent processes and executables that are potential agents of a remote attacker. Our prototyping and experiments on Android operating system using Kotlin, which shows with minimized coding the Tracer can effectively defeat all malware samples tested via blocking malware behaviours while not causing a significant compatibility problem.
Keywords: Intrusion, Tracing ,Malware, Kotlin, Android, Detection
