4.7 Article

Behaviour analysis of inter-app communication using a lightweight monitoring app for malware detection

Journal

EXPERT SYSTEMS WITH APPLICATIONS
Volume 210, Issue -, Pages -

Publisher

PERGAMON-ELSEVIER SCIENCE LTD
DOI: 10.1016/j.eswa.2022.118404

Keywords

Malware detection; Behaviour analysis; Lightweight monitoring app; Permission based evaluation; Policy-based permissions


This paper presents a lightweight monitoring system for detecting malicious applications through behavior analysis. By examining app activities and log files, the system evaluates app permissions and detects malicious apps based on predefined policies. Experimental results show that the system achieves an accuracy of 95%.

Smartphone communications are becoming increasingly useful for businesses to plan and organize their work, and they are mainly operated through Android applications. The growth of Android application development has increased interest in smartphone use, but it has also left many loopholes that attackers can use to trigger malicious activity. The detection of malicious activity is known as malware detection. Malware collusion is a new threat approach in which two or more malicious apps combine to accomplish their goals, since each app on its own may appear benign to standard detection methods. To detect the malicious app, a behaviour analysis app is used to detect the communication between two or more apps. Malicious application detection is a difficult task, especially because the user is sometimes entirely unaware of the behaviour of the applications installed on their device. In this paper, the proposed model is a lightweight monitoring system that detects malware through behaviour analysis of the app. The designed model monitors the behaviour of the app by checking the app's activities with the log file. These log files consist of the real-time activities and permissions of the app. Policy-based permissions are evaluated, and according to that evaluation, malware apps are denied or granted use of the permissions of the other app. The designed model is implemented in Python 3.8 and evaluated on performance metrics such as accuracy, precision, execution time, error, etc. The accuracy acquired for the proposed model is 95%, which is greater than that of existing techniques such as MoDroid, CrowDroid and DL-Droid. Thus, the proposed model instantly detects the malware app based on the evaluation of the policy-based permissions.
