Abdul Kadir, Andi Fitriah and Balalo @ Bolalan, Hairul Nizam (2025) Perceptive computing for android threats: unveiling Jekyll and Hyde syndrome in scareware. International Journal on Perceptive and Cognitive Computing, 11 (1). pp. 50-59. E-ISSN 2462-229X
|
PDF
- Published Version
Download (3MB) | Preview |
Abstract
This paper spotlights Android scareware, relating its deceptive behavior to the dual personality syndrome of Jekyll and Hyde, as described in The Strange Case of Dr. Jekyll and Mr. Hyde. Modern scareware employs sophisticated evasion techniques, including metamorphic and polymorphic obfuscation, enabling it to alter its code structure during propagation. Additionally, anti-emulator techniques allow scareware to detect emulation environments and conceal malicious activities. To address these challenges, we propose a hybrid approach that combines static and dynamic analysis, leveraging features derived from unreferenced strings and network flow. This method enhances detection by uncovering scareware's dual behaviors. Using five classifiers, we construct models to address three detection scenarios: identifying malicious Android apps, categorizing apps by scareware type, and classifying apps into scareware families. Tested on a dataset of 1,350 samples, the proposed method outperforms existing approaches, achieving over 90% accuracy across all scenarios with an average false positive rate of just 0.04
| Item Type: | Article (Journal) |
|---|---|
| Uncontrolled Keywords: | Android, dynamic, scareware, static analysis, malware analysis, machine learning |
| Subjects: | T Technology > T Technology (General) |
| Kulliyyahs/Centres/Divisions/Institutes (Can select more than one option. Press CONTROL button): | Kulliyyah of Information and Communication Technology Kulliyyah of Information and Communication Technology |
| Depositing User: | Dr Andi Fitriah Abdul Kadir |
| Date Deposited: | 14 Apr 2025 11:44 |
| Last Modified: | 15 Apr 2025 10:53 |
| URI: | http://irep.iium.edu.my/id/eprint/120596 |
Actions (login required)
 |
View Item |
Download Statistics
Download Statistics