Research Article
KTSDroid: A Framework for Android Malware Categorization Using the Kernel Task Structure
Table 1
Information in categories of the kernel task structure.
| | KTS category | Information |
| | task_struct | State of the process like exit code and process execution domain | | mem_info | Major and minor page faults, heap address of the process, start and end address of code segment, and start and end address of data segment | | scheduling_info | Priority of the process, scheduling state, scheduling policy, execution time, waiting time, snapshot of user, and system CPU time | | signal_info | Signal sources, the signal handler, and timers related to the process | | process_credentials | Ownership and process capabilities | | I/O_statistics | Block I/O delay and I/O statistics like number of byte read, number of read system call, and number of write system calls | | openfiles_info | Opened files related to the process like maximum number of file descriptor and opened file descriptor | | CPU_specific_state | CPU state of the process, which includes different register states and fault info | | Others | Miscellaneous information about the process like age of the process and tracer information |
|
|
