Machine learning-based mobile threat monitoring and detection

摘要

Mobile device security must keep up with the increasing demand of mobile users. Smartphones are every day becoming connected to more devices and services, interacting with the growing Internet of things. Every new service, and connection, creates a new pathway for intrusion and data theft. Each intrusion can yield further opportunities for breaches of corporate and enterprise infrastructure, and significant cost. In our study, we propose a mobile security platform that combines our developed security web server, analysis module, and Android OS application, with the Google Cloud Messaging service for queued and targeted device messaging. In the cloud, the developed LAMP (Linux, Apache, MySQL, PHP) server sends, receives, and stores data from a connected device via the corresponding Android OS application. The data consists of system information for device identification, and application data to be distributed to the analysis module for malicious content to be extracted and identified. The analysis module, utilizing the Weka software, performs both static and dynamic analyses to detect Android malware, simultaneously providing rapid and intuitive security with predictive capabilities. The server additionally provides device status visualization and manual security operations.