Structural information based malicious app similarity calculation and clustering
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kim, Junhyoung | - |
dc.contributor.author | Kim, Tae Guen | - |
dc.contributor.author | Im, Eul Gyu | - |
dc.date.accessioned | 2022-07-15T20:46:27Z | - |
dc.date.available | 2022-07-15T20:46:27Z | - |
dc.date.created | 2021-05-13 | - |
dc.date.issued | 2015-10 | - |
dc.identifier.issn | 0000-0000 | - |
dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/156197 | - |
dc.description.abstract | Depending on expansion of supply of smartphone, development of mobile application is more active using various mobile platform. As a result of malicious applications, but also targeting the mobile it is rapidly increasing. In this paper, method of Android malware similarity and clustering. First, there is a need for a process for extracting the control flow graph in an Android application. By extract the control flow graph, we form structural information of methods in Android application called'4-tuple'. After we create the structural information extracted from the control flow graph it is necessary to compare the matching process. Matching process we propose has two steps, 'initial matching' and 'second matching'. Initial matching step is the process of matching the'4-tuple' information but not exactly same with each other only a single in Android application. Second matching step is process of matching in the same way as the initial matching target method that calling its method and method that is invoked. Finally, it measure the ratio of the total number of method in Android application and matched method after initial matching and second matching. Finally, it measure the ratio of the total number of method in Android application and matched method after initial matching and second matching. We proceeds clustering using the above process. Based on previous studies, we used the DBSCAN algorithm for clustering. It was 65.8% average using the structural information of the result of the clustering. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | Association for Computing Machinery, Inc | - |
dc.title | Structural information based malicious app similarity calculation and clustering | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Im, Eul Gyu | - |
dc.identifier.doi | 10.1145/2811411.2811545 | - |
dc.identifier.scopusid | 2-s2.0-84960846097 | - |
dc.identifier.bibliographicCitation | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015, pp.314 - 318 | - |
dc.relation.isPartOf | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015 | - |
dc.citation.title | Proceeding of the 2015 Research in Adaptive and Convergent Systems, RACS 2015 | - |
dc.citation.startPage | 314 | - |
dc.citation.endPage | 318 | - |
dc.type.rims | ART | - |
dc.type.docType | Conference Paper | - |
dc.description.journalClass | 1 | - |
dc.description.isOpenAccess | N | - |
dc.description.journalRegisteredClass | scopus | - |
dc.subject.keywordPlus | Clustering algorithms | - |
dc.subject.keywordPlus | Codes (symbols) | - |
dc.subject.keywordPlus | Computer crime | - |
dc.subject.keywordPlus | Data flow analysis | - |
dc.subject.keywordPlus | Flow graphs | - |
dc.subject.keywordPlus | Graphic methods | - |
dc.subject.keywordPlus | Malware | - |
dc.subject.keywordPlus | Process control | - |
dc.subject.keywordPlus | Android | - |
dc.subject.keywordPlus | Android applications | - |
dc.subject.keywordPlus | Clustering | - |
dc.subject.keywordPlus | Function matching | - |
dc.subject.keywordPlus | Malware analysis | - |
dc.subject.keywordPlus | Mobile applications | - |
dc.subject.keywordPlus | Similarity calculation | - |
dc.subject.keywordPlus | Structural information | - |
dc.subject.keywordPlus | Android (operating system) | - |
dc.subject.keywordAuthor | Android | - |
dc.subject.keywordAuthor | Clustering | - |
dc.subject.keywordAuthor | Function matching | - |
dc.subject.keywordAuthor | Malware analysis | - |
dc.identifier.url | https://dl.acm.org/doi/10.1145/2811411.2811545 | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
222, Wangsimni-ro, Seongdong-gu, Seoul, 04763, Korea+82-2-2220-1365
COPYRIGHT © 2021 HANYANG UNIVERSITY.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.