Analysis of Android Malware Family Characteristic Based on Isomorphism of Sensitive API Call Graph

Submitted by grigby1 on Wed, 06/20/2018 - 12:49pm

Title	Analysis of Android Malware Family Characteristic Based on Isomorphism of Sensitive API Call Graph
Publication Type	Conference Paper
Year of Publication	2017
Authors	Zhou, H., Zhang, W., Wei, F., Chen, Y.
Conference Name	2017 IEEE Second International Conference on Data Science in Cyberspace (DSC)
Keywords	Algorithm design and analysis, android, Android (operating system), Android Malware family characteristic analysis, Androids, application program interfaces, call graph structures, graph similarity metric, graph theory, Heuristic algorithms, Human Behavior, Humanoid robots, invasive software, Libraries, Malware, malware analysis, malware instances, Metrics, Mobile communication, privacy, pubcrawl, resilience, Resiliency, sensitive API call graph, static analysis approach
Abstract	The analysis of multiple Android malware families indicates malware instances within a common malware family always have similar call graph structures. Based on the isomorphism of sensitive API call graph, we propose a method which is used to construct malware family features via combining static analysis approach with graph similarity metric. The experiment is performed on a malware dataset which contains 1326 malware samples from 16 different malware families. The result shows that the method can differentiate distinct malware family features and divide suspect malware samples into corresponding families with a high accuracy of 96.77% overall and even defend a certain extent of obfuscation.
URL	https://ieeexplore.ieee.org/document/8005492/
DOI	10.1109/DSC.2017.77
Citation Key	zhou_analysis_2017

Groups:

Science of Security VO