TY - GEN
T1 - Differences in Android Behavior between Real Device and Emulator
T2 - 6th International Conference on Internet of Things: Systems, Management and Security, IOTSMS 2019
AU - Guerra-Manzanares, Alejandro
AU - Bahsi, Hayretdin
AU - Nomm, Sven
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/10
Y1 - 2019/10
N2 - Behavioral data extracted from emulators or real devices, such as system calls, are utilized in research studies where machine learning models have been employed for mobile malware detection. However, these studies do not explore whether the selection of data source may have an impact on the performance of the models, assuming that both data sources generate similar outputs. We provide a comparative analysis of the data sets obtained from both sources by using statistical techniques, inducing learning models and demonstrating the impact of data source selection on detection models' performance. Our study shows that emulators generate more distinguishable data than real devices, meaning that designers of detection models should pay attention to the data sources utilized in the various steps of the machine learning workflow.
AB - Behavioral data extracted from emulators or real devices, such as system calls, are utilized in research studies where machine learning models have been employed for mobile malware detection. However, these studies do not explore whether the selection of data source may have an impact on the performance of the models, assuming that both data sources generate similar outputs. We provide a comparative analysis of the data sets obtained from both sources by using statistical techniques, inducing learning models and demonstrating the impact of data source selection on detection models' performance. Our study shows that emulators generate more distinguishable data than real devices, meaning that designers of detection models should pay attention to the data sources utilized in the various steps of the machine learning workflow.
KW - android malware
KW - dynamic analysis
KW - machine learning
KW - mobile malware detection
KW - system call
UR - http://www.scopus.com/inward/record.url?scp=85076371676&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85076371676&partnerID=8YFLogxK
U2 - 10.1109/IOTSMS48152.2019.8939268
DO - 10.1109/IOTSMS48152.2019.8939268
M3 - Conference contribution
AN - SCOPUS:85076371676
T3 - 2019 6th International Conference on Internet of Things: Systems, Management and Security, IOTSMS 2019
SP - 399
EP - 404
BT - 2019 6th International Conference on Internet of Things
A2 - Alsmirat, Mohammad
A2 - Jararweh, Yaser
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 22 October 2019 through 25 October 2019
ER -