DroidSieve

Suárez-Tangil, Guillermo; Dash, Santanu Kumar; Ahmadi, Mansour; Kinder, Johannes; Giacinto, Giorgio; Cavallaro, Lorenzo

doi:10.1145/3029806.3029825

Cited by 156 publications

(33 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…L1-Regularized Linear Regression was the most robust method, and semanticsbased features such as "reachables," "happen-befores," and "unwanted behaviors," improved the robustness of malware classifiers. DroidSieve [20] was a fast, scalable, and accurate system for Android malware detection and family identification. A novel set of features for static detection comprises embedded assets and native code.…”

Section: Related Studiesmentioning

confidence: 99%

CLAP: Classification of Android PUAs by Similarity of DNS Queries

Hatada

Mori

2020

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

This work develops a system called CLAP that detects and classifies "potentially unwanted applications" (PUAs) such as adware or remote monitoring tools. Our approach leverages DNS queries made by apps. Using a large sample of Android apps from third-party marketplaces, we first reveal that DNS queries can provide useful information for detection and classification of PUAs. We then show that existing DNS blacklists are limited when performing these tasks. Finally, we demonstrate that the CLAP system performs with high accuracy.

show abstract

Section: Related Studiesmentioning

confidence: 99%

CLAP: Classification of Android PUAs by Similarity of DNS Queries

Hatada

Mori

2020

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

“…Since this process is repeated ten times, the whole dataset is used for both training and testing with ensuring that all samples are used once for validation [52]. The metrics that are used for the evaluation of each algorithm are precision, recall, F-measure, and MCC because of they are commonly used evaluation metrics by the related work [2,10,19,22,36,46,52,74,80,83,85,[87][88]. As the evaluation result of the proposed static analysis approach when it is utilized with a wide range of algorithms is listed in Table 4, the precision, recall, and F-measure of the proposed static analysis approach are calculated as high as 0.987 when the system is utilized with the RandomForest algorithm and the number of decision trees is set to 1,000.…”

Section: Evaluation Of Machine Learning Algorithmsmentioning

confidence: 99%

What Static Analysis Can Utmost Offer for Android Malware Detection

Kabakuş

2019

ITC

View full text Add to dashboard Cite

Malicious applications are widespread for Android despite the taken serious actions by the operating system. Static and dynamic analysis techniques are utilized to detect malware by identifying the signatures of malicious applications by inspecting both the resources and behaviors of malware, respectively. In this study, what static analysis can utmost offer to detect malware in Android ecosystem is discussed and experimented on commonly used datasets in the literature by proposing a novel Android malware detection approach based on static analysis techniques. Some novel static analysis features which are proved to be effective in terms of detecting malware in Android ecosystem and are underestimated by the related work in the literature are introduced by proving their effectiveness in this study. The experimental result shows that the proposed Android malware detection approach is very effective in terms of detecting Android malware. Each feature used by the proposed approach is evaluated by using different types of machine learning techniques in order to highlight its impact on detecting malware and inform the digital investigators. The accuracy of the proposed static analysis approach is calculated as high as 0.987 for 10,865 applications.

show abstract

“…to characterize malicious applications; Maldetect [12] extracts Dalvik instructions from dex files and simplify them by symbolizing opcode. Then, N-gram encoding of the instruction sequence is used as the input feature of the classification; DroidSieve [13] extracts massive features centered on resources and semantics, and sorts the features to find the core features; FrequenSel [14]proposes a feature selection algorithm based on the frequency difference between the malicious application and benign application; HinDroid [15] extracts the API to construct a structured heterogeneous information network and characterized the relationship between APIs. The depth analysis and characterization of the extracted features make the classification better than the traditional detection methods.…”

Section: Feature Representation On Android Malware Detectionmentioning

confidence: 99%

DroidVecDeep: Android Malware Detection Based on Word2Vec and Deep Belief Network

Chen¹,

Mao²,

Lv³

et al. 2019

KSII TIIS

View full text Add to dashboard Cite

With the proliferation of the Android malicious applications, malware becomes more capable of hiding or confusing its malicious intent through the use of code obfuscation, which has significantly weaken the effectiveness of the conventional defense mechanisms. Therefore, in order to effectively detect unknown malicious applications on the Android platform, we propose DroidVecDeep, an Android malware detection method using deep learning technique. First, we extract various features and rank them using Mean Decrease Impurity. Second, we transform the features into compact vectors based on word2vec. Finally, we train the classifier based on deep learning model. A comprehensive experimental study on a real sample collection was performed to compare various malware detection approaches. Experimental results demonstrate that the proposed method outperforms other Android malware detection techniques.

show abstract

DroidSieve

Cited by 156 publications

References 34 publications

CLAP: Classification of Android PUAs by Similarity of DNS Queries

CLAP: Classification of Android PUAs by Similarity of DNS Queries

What Static Analysis Can Utmost Offer for Android Malware Detection

DroidVecDeep: Android Malware Detection Based on Word2Vec and Deep Belief Network

Contact Info

Product

Resources

About