Journal of Applied Mathematics / 2014 / Article / Tab 1 / Research Article
Linear SVM-Based Android Malware Detection for Reliable IoT Services

Table 1: Trends of studies on mobile malware detection techniques.

| Detection technique | Author | Collected data | Description |
| --- | --- | --- | --- |
| Signature-based technique | Schmidt et al. [12] | Executable file analysis | Uses the readelf command to carry out static analysis on executable files using system calls |
| Signature-based technique | Bläsing et al. [13] | Source code analysis | Uses the Android sandbox to carry out static/dynamic analysis on applications |
| Signature-based technique | Kou and Wen [14] | Packet analysis | Uses functions such as packet-preprocessing and pattern-matching to detect malware |
| Signature-based technique | Bose et al. [15] | API call history | Collects system events of upper layers and monitors their API calls to detect malware |
| Behavior-based technique | Schmidt et al. [16] | System log data | Detects anomalies in terms of Linux kernels and monitors traffic, kernel system calls, and file system log data by users |
| Behavior-based technique | Cheng et al. [17] | SMS, Bluetooth | Lightweight agents operating in smartphones record service activities such as usage of SMS or Bluetooth, comparing the recorded results with users’ average values to analyze whether there is intrusion or not |
| Behavior-based technique | Liu et al. [18] | Battery consumption | Monitors abnormal battery consumption of smartphones to detect intrusion by newly created or currently known attacks |
| Behavior-based technique | Burguera et al. [19] | System call | Monitors system calls of smartphone kernel to detect external attacks through outsourcing |
| Behavior-based technique | Shabtai et al. [20] | Process information | Continuously monitors logs and events and classifies them into normal and abnormal information |
| Dynamic analysis technique | Fuchs et al. [21] | Data marking | Analyzes malware by carrying out static taint analysis for Java source code |
| Dynamic analysis technique | William et al. [22] | Data marking | Modifies stack frames to add taint tags into local variables and method arguments and traces the propagation process through tags to analyze malware |