Date of Award
Master of Science (MS)
Electrical and Computer Engineering
David J. Coe
Computer networks--Security measures, Software protection, Data encryption (Computer science), Computer viruses
This work uses salience testing techniques to identify the best performance counter events for detecting malware on Android devices. Modifications were made to a Linux kernel module to enable monitoring and logging of performance counter events. Numerous experiments combining different performance counter events were conducted, and a variety of data aggregation and classification techniques were evaluated. Experimental results were analyzed to determine how well certain combinations of performance counter events classify applications as malware or non-malware. Results indicate that there are combinations of performance counter events that do much better at detecting malware than those presented in prior work.
Stinson, Hunter, "Optimal performance counter events for detecting android malware" (2013). Theses. 26.