
Structural information based malicious app similarity calculation and clustering

Title
Structural information based malicious app similarity calculation and clustering
Author
임을규
Keywords
Android; Clustering; Function matching; Malware analysis
Issue Date
2015-10
Publisher
ACM
Citation
Proceedings of the 2015 Research in Adaptive and Convergent Systems, RACS 2015, 9 October 2015, pp. 314-318
Abstract
With the expanding supply of smartphones, development of mobile applications on various mobile platforms has become more active. As a result, malicious applications targeting mobile devices are also rapidly increasing. This paper presents a method of Android malware similarity calculation and clustering. First, a process is needed for extracting the control flow graph of an Android application. By extracting the control flow graph, we form structural information about the methods in an Android application, called a '4-tuple'. After creating the structural information extracted from the control flow graph, a matching process is needed to compare it. The matching process we propose has two steps, 'initial matching' and 'second matching'. The initial matching step is the process of matching the '4-tuple' information but not exactly same with each other only a single in Android application. The second matching step is the process of matching, in the same way as the initial matching, the methods that call the target method and the methods that are invoked. Finally, we measure the ratio of the total number of methods in the Android application and the matched methods after initial matching and second matching. We perform clustering using the above process. Based on previous studies, we used the DBSCAN algorithm for clustering. The clustering result using the structural information was 65.8% on average. © 2015 ACM.
URI
http://dl.acm.org/citation.cfm?id=2811545&CFID=967062804&CFTOKEN=79222297
http://hdl.handle.net/20.500.11754/28247
ISBN
978-1-4503-3738-0
DOI
10.1145/2811411.2811545
Appears in Collections:
COLLEGE OF ENGINEERING[S] > COMPUTER SCIENCE AND ENGINEERING > Articles