iOS Mobile Malware Deep Analysis And Classification For Social Media And Online Banking Exploitation

Bibliographic Details
Main Author: Muhammad ‘Afif Bin Husainiamer
Format: Thesis
Language: en_US
Description
Summary: Today, the rising cases of mobile malware exploiting iOS smartphones, such as FinSpy and Exodus, are leading to the loss of both productivity and credential information. Yet, there is a lack of detection solutions available to combat iOS malware attacks. Therefore, a comprehensive solution to detect iOS exploitation, especially related to social platforms and online banking, is in high demand. Hence, the objectives of this research are to construct an iOS malware classification and to develop an iOS malware exploitation detection model for detecting social media and online banking exploitation, which involves a correlation between malware behaviour and iOS architecture. The last objective is to identify the applicability of the developed patterns to current iOS applications. Malware behaviour involves infection, activation, payload, operating algorithm, and propagation, whereas iOS architecture focuses on Cocoa Touch, media layer, core services, and core OS. Furthermore, the proposed model is underpinned by phylogenetics, which can identify malware evolvement based on the sources of malware genes associated with the history of evolution. The experiment is conducted using hybrid analysis, with 12 malware datasets from Contagio. As a result, 30 new patterns are developed for this model. One hundred and fifty anonymous mobile applications from the Apple Store and third parties related to online banking and social media are used for the evaluation. Based on the evaluation, 4% of the mobile applications match the patterns developed in this model. This proves that the model developed in this research can detect any possible security exploitation related to social media and online banking for iOS mobile apps. This work can be used as guidance for other researchers working on similar interests in the future.