Android botnet detection: An integrated source code mining approach

Basil Alothman, Prapa Rattadilok

Research output: Chapter in Book/Conference proceedingConference contributionpeer-review

10 Citations (Scopus)

Abstract

Android is one of the most popular smartphone operating systems. This makes it one of the default targets for malicious cyber-attacks. Android's Play Store is not very restrictive which makes installing malicious apps easy. Botnets are amongst the most dangerous hacking approaches that are used nowadays on the internet. It is common for botnet developers to target smartphone users to install their malicious tools and target a larger number of devices. This is often done to gain access to sensitive data such as credit card details, or to cause damage to individual hosts or organisation resources by executing denial of service attacks. In this paper, we propose an approach to identify botnet Android mobile apps by means of source code mining. We analyse the source code via reverse engineering and data mining techniques for several examples of malicious and non-malicious apps. We use two approaches to build datasets. In the first, we perform text mining on the source code and construct several datasets and in the second we build one dataset by extracting source code metrics using an open-source tool. After building the datasets, we run several classification algorithms and assess their performance. Initial results show a high level of accuracy.

Original languageEnglish
Title of host publication2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages111-115
Number of pages5
ISBN (Electronic)9781908320933
DOIs
Publication statusPublished - 8 May 2018
Event12th International Conference for Internet Technology and Secured Transactions, ICITST 2017 - Cambridge, United Kingdom
Duration: 11 Dec 201714 Dec 2017

Publication series

Name2017 12th International Conference for Internet Technology and Secured Transactions, ICITST 2017

Conference

Conference12th International Conference for Internet Technology and Secured Transactions, ICITST 2017
Country/TerritoryUnited Kingdom
CityCambridge
Period11/12/1714/12/17

Keywords

  • Android App
  • Android Botnet Detection
  • Document Analysis
  • Malware Detection
  • Reverse Engineering
  • Source Code Mining
  • component

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Android botnet detection: An integrated source code mining approach'. Together they form a unique fingerprint.

Cite this