Android malware classification method: Dalvik bytecode frequency analysis
- Title
- Android malware classification method: Dalvik bytecode frequency analysis
- Author
- 임을규
- Keywords
- Malware Classification; Bytecode Frequency Analysis; Mnemonic Frequency Analysis; Random Forest; Google Android
- Issue Date
- 2013-10
- Publisher
- ACM New York, NY, USA ⓒ2013
- Citation
- Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS 2013, 2013, P.349-350
- Abstract
- The number of Android malware is increasing with the growth of Android, so there needs to have a method to classify malware families. There are many classification methods proposed so far, but most of them are based on permission information such as the number of requested permissions and critical permissions. Since permission information cannot represent actual application behaviors and permissions are easily separated into several communicating applications, the permission based classification methods can result in false alarms. Opposed to these permission based methods, our classification method is based on applications' Bytecode that contains actual application behaviors. Each malicious application family may have some similar Bytecode and can be classified using this information. In this paper, we propose a method to classify malware families from known malware, as a pre-step of malware detection.
- URI
- http://dl.acm.org/citation.cfm?doid=2513228.2513295https://repository.hanyang.ac.kr/handle/20.500.11754/73197
- ISBN
- 978-145032348-2
- DOI
- 10.1145/2513228.2513295
- Appears in Collections:
- COLLEGE OF ENGINEERING[S](공과대학) > COMPUTER SCIENCE(컴퓨터소프트웨어학부) > Articles
- Files in This Item:
There are no files associated with this item.
- Export
- RIS (EndNote)
- XLS (Excel)
- XML