Abstract:
In the modern era of Android-based smartphone technology, smartphones have become indispensable. These devices are used not merely to make or receive calls, but for a number of other features as well. Smartphones are based on different operating systems, namely Android, iOS, Windows, etc. These operating systems provide thousands of applications in their application stores. Any user can easily access these applications by simply downloading them from the app stores, and any developer can host their apps on these stores. However, there is no reliable assurance that these developers are genuine. As the number of applications in the app store escalates, the number of malicious applications also grows. In recent times, researchers have proposed numerous defensive strategies for detecting malicious apps. However, there is no built-in feature in smartphones to distinguish malicious apps from legitimate apps. Therefore, in this paper we propose a novel prototype method called Droid-Sec (Android-Security), which discovers malicious applications on modern Android-based smartphones in an automated manner. Droid-Sec operates in two phases. First, whenever a new application is downloaded from the app store and installed on the device, Droid-Sec checks that application for malware and, if it is found to be malicious, gives a warning to the smartphone user. Second, Droid-Sec has a provision to disable the internet connection of the malicious application so that it does not leak any sensitive information to any remote web server. We have also evaluated the detection capability of Droid-Sec on the Android operating system, which is based on the Linux kernel and is one of the most used and popular operating systems in today's world. The results showed that Droid-Sec detects malicious apps on Android smartphones with minimum false positives, a zero false negative rate and tolerable runtime overhead.