Android malware classification method: Dalvik bytecode frequency analysis
- Authors
- Kang, Byeongho; Kang, BooJoong; Kim, Jungtae; Im, Eul Gyu
- Issue Date
- Oct-2013
- Publisher
- Association for Computing Machinary, Inc.
- Keywords
- bytecode frequency analysis; google android; malware classification; mnemonic frequency analysis; random forest
- Citation
- Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS 2013, pp.349 - 350
- Indexed
- SCOPUS
- Journal Title
- Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS 2013
- Start Page
- 349
- End Page
- 350
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/161782
- DOI
- 10.1145/2513228.2513295
- ISSN
- 0000-0000
- Abstract
- The number of Android malware is increasing with the growth of Android, so there needs to have a method to classify malware families. There are many classification methods proposed so far, but most of them are based on permission information such as the number of requested permissions and critical permissions. Since permission information cannot represent actual application behaviors and permissions are easily separated into several communicating applications, the permission based classification methods can result in false alarms. Opposed to these permission based methods, our classification method is based on applications' Bytecode that contains actual application behaviors. Each malicious application family may have some similar Bytecode and can be classified using this information. In this paper, we propose a method to classify malware families from known malware, as a pre-step of malware detection.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 컴퓨터소프트웨어학부 > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.