Android Malware Detection

The growing popularity of Android-based products has led to a surge in malware targeting Android platforms. 

UAH student and faculty researchers are developing malware detection technologies to help users identify malicious applications.  As part of this research, performance monitoring unit (PMU) hardware within the CPUs of the mobile device is used to gather behavioral signatures that distinguish malware from non-malicious applications.  The signatures are used to train machine learning algorithms to recognize malware.  We employ salience testing techniques to optimize the selection of PMU events for Android malware detection.

Source code developed as part of this research is now available HERE.

An archive of the collected data files and the modified Android OS image will be made available shortly.

Additional details regarding this work may be found in the publications listed below.

Hunter Stinson, Optimal Performance Counter Events for Detecting Android Malware, thesis, University of Alabama in Huntsville, 2013, advisor: Dr. David J. Coe.