Chandigarh : Amid rising instances of cyber crime across the world, scientists at the Defence Research and Development Organisation (DRDO) have proposed a new technique to detect malicious applications in mobile phones.
A novel network traffic analysis-based framework has been conceived by experts at DRDO’s Scientific Analysis Group (SAG) and Delhi Technological University (DTU) that exploits cellular traffic features to detect malware.
Research into ways to counter cyber crime is a priority area in view of the ever-increasing use of digital media and smartphones in day-to-day life. According to government data, 3,377 cybercrime cases were reported in India during 2012, which went up to 50,035 in 2020.
According to the researchers, the operating systems of smartphones are prone to numerous attackers and malware designers who are constantly trying to elicit confidential information by a plethora of attacks through specially created malwares. Detection of such malwares to protect digital devices is the core function of smartphone security analysis.
“The robustness of the suggested framework, when evaluated on the standard datasets, outperforms contemporary techniques to achieve an average accuracy of 98.74 percent,” the researchers have claimed in a paper published by the DRDO on July 1. “A comparison of the evaluation matrices of the suggested framework with other contemporary approaches reveals better detection accuracy,” they added.
Two widely used malware detection methods pivot around static and dynamic analysis. Static investigation techniques failed to detect apps having code obfuscation, while conventional dynamic investigation needs are quite cumbersome.
The framework conceived by three researchers, two from SAG and one from DTU, consists of four blocks called traffic feature fusion, classifier score-fusion, decision criteria and reference apps update to detect malicious applications. Transmission Control Protocol (TCP), which is impervious to encrypted traffic unlike the Hypertext Transfer Protocol (HTTP), was used.
Mobile devices account for about 55 per cent of the global Internet traffic and analysing this traffic leads to incredible results in detecting malicious applications, the paper states. Analysing traffic is accomplished by studying the patterns in the network traffic for its identification and segregation for further investigation, the paper states.