Research Article
KTSDroid: A Framework for Android Malware Categorization Using the Kernel Task Structure
Table 1
Information in categories of the kernel task structure.
| KTS category | Information |
| --- | --- |
| task_struct | State of the process like exit code and process execution domain |
| mem_info | Major and minor page faults, heap address of the process, start and end address of code segment, and start and end address of data segment |
| scheduling_info | Priority of the process, scheduling state, scheduling policy, execution time, waiting time, snapshot of user, and system CPU time |
| signal_info | Signal sources, the signal handler, and timers related to the process |
| process_credentials | Ownership and process capabilities |
| I/O_statistics | Block I/O delay and I/O statistics like number of bytes read, number of read system calls, and number of write system calls |
| openfiles_info | Opened files related to the process like maximum number of file descriptors and opened file descriptors |
| CPU_specific_state | CPU state of the process, which includes different register states and fault info |
| Others | Miscellaneous information about the process like age of the process and tracer information |