International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 01 | Jan 2020 www.irjet.net p-ISSN: 2395-0072 © 2020, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 205 Local Security Enhancement and Intrusion Prevention in Android Devices Santhosh Voruganti 1 , Mohd Muawiz Siddiqui 2 , Jallawaram Abhishek 3 , Karnati Ramyakrishna 4 1 Asst.Prof, IT Department CBIT Hyderabad 2 Student, IT Department CBIT Hyderabad 3 Student, IT Department CBIT Hyderabad 4 Student, Osmania University Hyderabad ----------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - Android smart phones amount to 82% of the devices in the smartphone market. Every year there are more than 500 million new handsets sold, thereby granting Android the monopoly in the smartphone market. With an exponential increase in the number of users the risks associated with the phones also increases exponentially. In this paper, we use earlier approaches of host-based intrusion detection systems and behavior-based intrusion prevention systems for Android smartphones to design and implement a host-based, behavior-based intrusion prevention system, for Android smartphones. Our system uses net flow based clustering to identify anomalies and correlates further with the host-based features to verify malware intrusions in the Android system. Our goal is to provide versatile security for Android smartphones, offering detection of a wide range of attacks including denial of service attacks and probing. The system should be able to detect new attacks as well, thus providing scope for extending the method to other security solutions. Key Words: Android; Host-Based; Behaviour-Based Information Security; Intrusion Prevention; Logit Boost. 1. INTRODUCTION The global telephony industry is witnessing an on- going proliferation of smartphones. A smartphone is an advanced mobile communication and a computing device which is shaping the way we communicate process and store information at work, at home and on the move. Smartphones are no longer mere voice communication devices. The considerable processing and storage capabilities are making their users to store and process private and business data. Data associated with these activities have significant value and over the recent years, smartphones are becoming an increasingly interesting target for cyber-criminals due to the wealth of personal data in them. Over the past years, smartphone market share has increased rapidly and currently Android smartphones are dominating the smartphones. The popularity of Android open platform and the relative ease of programmability is making Android platform the lead malware target as well. However, this is possibly due to the unregulated third-party app stores for Android. Cybercriminals find the motivation to exploit smartphones as they store a wealth of personal data. Users tend to store more of their personal data on their smartphones, than on PCs; such as photos, videos, SMS, emails, and banking/shopping apps. Therefore, in this mobile computing era, protecting the safety of the smartphones is a top priority. The advanced mobile communication devices such as smart phones are changing the way in which we communicate process and store data from any place. They evolved from simple mobile phones into sophisticated and yet compact mini computers. They are not just voice communication devices. Apart from browsing internet these devices can receive email send MMS messages, exchange information by connecting to other devices. They are also equipped with operating system, text editors, spreadsheet editors and database processors. As the capabilities of mobile devices evolve, their usage for processing and storing private and business data is likely to increase. Currently 200 million users are using smart phones worldwide and the number of people using smart phones will likely to increase to 1 billion in the next 2 years. That is approximately one sixth of the world population and equivalent to population of India. As these devices can allow third party software’s to run on them they are vulnerable to various threats like viruses, malware, worms and Trojan horses. Also a mobile device can initiate communication on anyone of its communication interfaces and also can connect to wide variety of wireless networks. Intrusion prevention mechanisms such as encryption, authentication alone cannot improve the security of the system. Already existing desktop based Intrusion Detection software’s may not be good for mobile systems because of the memory consumption rate and power consumption. We need to come up with Intrusion detection systems that will not only improve the security of these systems but also reduce the processing overhead from the system. In this paper, we aim to successfully overcome the shortcomings of existing systems i.e. Host-Based Intrusion Detection and Behavior Based intrusion Detection. A host- based system is faster and allows mobility of devices, thus making it a more feasible design trait for smart phones. A behavior based system is employed because it uses a learned pattern of normal network packets to identify active intrusion attempts and can adapt to new and original attacks, unlike knowledge-based systems. In behavior-based systems, feature reduction and selection reduces the number