TL;DR
This paper presents a dynamic analysis method for Android malware family classification using resource consumption metrics, achieving 82% accuracy with a reproducible approach based on publicly available tools.
Contribution
The authors introduce a resource consumption-based classification method that is easier to reproduce and can be applied to physical devices without modifying the Android OS.
Findings
Achieved 82% classification accuracy on the Drebin dataset.
Method is reproducible using publicly available tools.
Effective against malware that evades static analysis.
Abstract
The vast majority of today's mobile malware targets Android devices. This has pushed the research effort in Android malware analysis in the last years. An important task of malware analysis is the classification of malware samples into known families. Static malware analysis is known to fall short against techniques that change static characteristics of the malware (e.g. code obfuscation), while dynamic analysis has proven effective against such techniques. To the best of our knowledge, the most notable work on Android malware family classification purely based on dynamic analysis is DroidScribe. With respect to DroidScribe, our approach is easier to reproduce. Our methodology only employs publicly available tools, does not require any modification to the emulated environment or Android OS, and can collect data from physical devices. The latter is a key factor, since modern mobile…
