Smart phones, particularly the ones based on Android, have become the most popular devices. The surfing habits of users have been changed from the traditional PC terminal to mobile terminal officially. However, the mobile terminal application exposes more and more problems. Two common ways to analyze malware are source code analysis and dynamic behavior analysis. Researchers pay little attention to the network traffic generated by mobile terminal application. Nevertheless, shell technology makes source code analysis difficult while dynamic behavior analysis consumes too much resource. In fact, normal application and malware perform differently at the network level. We found that the features of HTTP packet are dramatically different in normal traffic and malicious traffic dataset. The application analysis from the perspective of network traffic can provide us a new way to detect malware.
CITATION STYLE
Wang, S., Hou, S., Zhang, L., Chen, Z., & Han, H. (2015). Android malware network behavior analysis at HTTP protocol packet level. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9532, pp. 497–507). Springer Verlag. https://doi.org/10.1007/978-3-319-27161-3_45
Mendeley helps you to discover research relevant for your work.