[HITB GSEC] Generic and Static Detection of Mobile Malware Using Machine Learning
In recent years, there has been rapid growth in smartphone sales and adoption. According to Gartner, there were 379,977.3 thousand smartphones sold in the first quarter of 2017, representing 9 percent year-over-year (YoY) growth over the first quarter of 2016. On the other hand, according to IDC, the PC market experienced only tepid year-over-year growth of 0.6%, with 60,328 thousand units shipped in the same period. Of all smartphones sold in the first quarter of 2017, Android smartphones accounted for approximately 86.3% of shipment volume. In fact, according to web analytics firm StatCounter, Android has become the internet's most used OS, with more than 37.93 percent of the market share compared to 37.91 percent for Windows. Unfortunately, the popularity and openness of the platform also attract the attention of malware authors. According to the latest report from Kaspersky Lab, the number of malicious installation packages hit more than 8.5 million in 2016, three times that of 2015. This grim reality necessitates an effective and generic solution to detect mobile malware.
In this talk, we detail our research regarding generic and static detection of mobile malware using machine learning. Because Android is more popular, our prototype focuses on Android, but without loss of generality it can be applied equally to the iOS platform.