Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
T2Droid: A TrustZone-Based Dynamic Analyser for Android Applications
KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.
KTH, School of Information and Communication Technology (ICT), Communication Systems, CoS, Radio Systems Laboratory (RS Lab).ORCID iD: 0000-0002-6066-746X
KTH, School of Information and Communication Technology (ICT), Software and Computer systems, SCS.ORCID iD: 0000-0002-6718-0144
Universidade de Lisboa, Portugal..ORCID iD: 0000-0001-7873-5531
2017 (English)In: Proceedings - 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, Trustcom/BigDataSE/ICESS 2017, Institute of Electrical and Electronics Engineers (IEEE), 2017, 240-247 p., 8029446Conference paper, Published paper (Refereed)
Abstract [en]

Android has become the most widely used mobile operating system (OS) in recent years. There is much research on methods for detecting malicious Android applications. Dynamic analysis methods detect such applications by evaluating their behaviour during execution. However, such mechanisms may be ineffective as malware is often able to disable antimalware software. This paper presents the design of T2DROID, a dynamic analyser for Android that uses traces of Android API function calls and kernel syscalls, and that is protected from malware by leveraging the ARM TrustZone security extension. In our experimental evaluation T2DROID achieved accuracy and precision of 0.98 and 0.99, respectively, with a kNN classifier.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2017. 240-247 p., 8029446
Keyword [en]
Android (operating system), application program interfaces, invasive software, mobile computing, operating system kernels, pattern classification, system monitoring, trusted computing, ARM TrustZone security extension, Android API function calls, T2Droid, TrustZone-based dynamic analyser, kNN classifier, kernel syscalls, malicious Android applications, malware, mobile operating system, Androids, Humanoid robots, Kernel, Malware, Mobile communication, Mobile handsets, ARM TrustZone, Android, Detection, Malware, Mobile devices
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-217551DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.243Scopus ID: 2-s2.0-85032343452ISBN: 9781509049059 (print)OAI: oai:DiVA.org:kth-217551DiVA: diva2:1156921
Conference
16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, Trustcom/BigDataSE/ICESS 2017, Sydney, Australia, 1 August 2017 through 4 August 2017
Funder
EU, Horizon 2020, H2020-653884
Note

QC 20171114

Available from: 2017-11-14 Created: 2017-11-14 Last updated: 2017-11-14Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Yalew, Sileshi DemesieMaguire Jr., Gerald Q.Haridi, SeifCorreia, Miguel
By organisation
Software and Computer systems, SCSRadio Systems Laboratory (RS Lab)
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 11 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf