File(s) under permanent embargo
Android malware family classification based on sensitive opcode sequence
conference contribution
posted on 2019-01-01, 00:00 authored by J Jiang, S Li, M Yu, Gang LiGang Li, C Liu, K Chen, H Liu, W Huang© 2019 IEEE. Android malware family classification is an advanced task in Android malware analysis, detection and forensics. Existing methods and models have achieved a certain success for Android malware detection, but the accuracy and the efficiency are still not up to the expectation, especially in the context of multiple class classification with imbalanced training data. To address those challenges, we propose an Android malware family classification model by analyzing the code's specific semantic information based on sensitive opcode sequence. In this work, we construct a sensitive semantic feature-sensitive opcode sequence using opcodes, sensitive APIs, STRs and actions, and propose to analyze the code's specific semantic information, generate a semantic related vector for Android malware family classification based on this feature. Besides, aiming at the families with minority, we adopt an oversampling technique based on the sensitive opcode sequence. Finally, we evaluate our method on Drebin dataset, and select the top 40 malware families for experiments. The experimental results show that the Total Accuracy and Average AUC (Area Under Curve, AUC) reach 99.50% and 98.86% with 45. 17s per Android malware, and even if the number of malware families increases, these results remain good.
History
Event
IEEE Symposium on Computers and Communications (2019 : Barcelona, Spain)Pagination
1 - 7Publisher
IEEELocation
Barcelona, SpainPlace of publication
Piscataway, N.J.Publisher DOI
Start date
2019-06-29End date
2019-07-03ISSN
1530-1346ISBN-13
9781728129990Language
engPublication classification
E1 Full written paper - refereedTitle of proceedings
ISCC 2019 : Proceedings of the IEEE Symposium on Computers and CommunicationsUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC