Abstract
Malware, which is continually expanding and changing, plays an important role in breaking into mobile systems, especially smartphones, and their security concepts. Smartphone malware is software that secretly monitors the user's data and attempts to collect and steal information. In most cases, the information obtained is abused and exploited for commercial, advertising, security and military purposes. As a result, detection and prevention of malware is essential in the field of computer security.
With the growth and widespread use of smartphones, and the resulting accumulation of large amounts of user information on these devices, detecting malware and protecting against it is considered a major issue. Recently, with Android being the most popular and useful smartphone platform in the world, malware writers have gained more interest in it and more opportunities to work on it.
This thesis first introduces malware, with a focus on spyware, along with methods to overcome it and a review of related work. It then introduces and evaluates the proposed approach and, as a result, presents a tool to detect Android malware. The technique of this thesis involves behavior-based dynamic analysis and detection of malware functionality by executing it in an emulator as a safe environment. The approach is presented and implemented in three phases. The first phase is dynamic analysis, in which system calls at the kernel level of Android are traced during execution of an application and recorded as a report in a log file. The second phase is feature extraction, based on feature vectors generated from the log file that contain the number, frequency and dependency of the captured system calls. The last phase is machine learning, which categorizes benign applications and malware (e.g. spyware) by using appropriate classification algorithms and an artificial neural network.
Keywords: Malware, Security, Smartphone, Android Operating System, Emulator, Dynamic Analysis, System Call, Machine Learning
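The second phase described in the abstract (turning a system-call log into count, frequency and dependency features) can be sketched as follows. This is an added example, not the thesis's own code: the strace-style log format, the sample lines, the vocabulary, and the reading of "dependency" as per-process call-to-call transitions are all assumptions.

```python
import re
from collections import Counter

# Constructed sample in strace -f style: "<pid> <syscall>(<args>) = <ret>"
SAMPLE_LOG = """\
1201 openat(AT_FDCWD, "/data/data/com.example.app/files/cfg", O_RDONLY) = 5
1201 read(5, "..."..., 4096) = 128
1201 close(5) = 0
1201 socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 6
1201 connect(6, {sa_family=AF_INET, ...}, 16) = 0
1201 write(6, "..."..., 128) = 128
1202 openat(AT_FDCWD, "/proc/self/status", O_RDONLY) = 7
1202 read(7, "..."..., 1024) = 512
1201 close(6) = 0
1202 close(7) = 0
"""

# Assumed vocabulary; anything outside it is folded into "other".
VOCAB = ["openat", "read", "write", "close", "socket", "connect"]
LINE_RE = re.compile(r"^(\d+)\s+([a-z_][a-z0-9_]*)\(")

def parse_calls(log):
    """Yield (pid, syscall) per call line; signal, exit and resumed lines are skipped."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield int(m.group(1)), m.group(2)

def extract_features(log, vocabulary=VOCAB):
    """Return (counts, transitions, vector) for one traced run."""
    counts, transitions, last = Counter(), Counter(), {}
    for pid, name in parse_calls(log):
        name = name if name in vocabulary else "other"
        counts[name] += 1
        if pid in last:  # dependency is tracked per process, so interleaving does not mix threads
            transitions[(last[pid], name)] += 1
        last[pid] = name
    total = sum(counts.values()) or 1  # avoid division by zero on an empty log
    vocab = list(vocabulary) + ["other"]
    vector = [counts[v] for v in vocab]                               # number of calls
    vector += [counts[v] / total for v in vocab]                      # relative frequency
    vector += [transitions[(a, b)] for a in vocab for b in vocab]     # call-to-call dependency
    return counts, transitions, vector

if __name__ == "__main__":
    counts, transitions, vector = extract_features(SAMPLE_LOG)
    print(dict(counts), len(vector))
```

The fixed vocabulary keeps every vector the same length, which is what a classifier in the third phase would need as input.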