Biblio
Filters: Author is Jung, Jaemin [Clear All Filters]
.
2019. A New Technique for Detecting Android App Clones Using Implicit Intent and Method Information. 2019 Eleventh International Conference on Ubiquitous and Future Networks (ICUFN). :478–483.
Detecting repackaged apps is one of the important issues in the Android ecosystem. Many attackers usually reverse engineer a legitimate app, modify or embed malicious codes into the app, repackage and distribute it in the online markets. They also employ code obfuscation techniques to hide app cloning or repackaging. In this paper, we propose a new technique for detecting repackaged Android apps, which is robust to code obfuscation. The technique analyzes the similarity of Android apps based on the method call information of component classes that receive implicit intents. We developed a tool Calldroid that implemented the proposed technique, and evaluated it on apps transformed using well-known obfuscators. The evaluation results showed that the proposed technique can effectively detect repackaged apps.
.
2018. Android Malware Detection Using Convolutional Neural Networks and Data Section Images. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :149-153.
The paper proposes a new technique to detect Android malware effectively based on converting malware binaries into images and applying machine learning techniques on those images. Existing research converts the whole executable files (e.g., DEX files in Android application package) of target apps into images and uses them for machine learning. However, the entire DEX file (consisting of header section, identifier section, data section, optional link data area, etc.) might contain noisy information for malware detection. In this paper, we convert only data sections of DEX files into grayscale images and apply machine learning on the images with Convolutional Neural Networks (CNN). By using only the data sections for 5,377 malicious and 6,249 benign apps, our technique reduces the storage capacity by 17.5% on average compared to using the whole DEX files. We apply two CNN models, Inception-v3 and Inception-ResNet-v2, which are known to be efficient in image processing, and examine the effectiveness of our technique in terms of accuracy. Experiment results show that the proposed technique achieves better accuracy with smaller storage capacity than the approach using the whole DEX files. Inception-ResNet-v2 with the stochastic gradient descent (SGD) optimization algorithm reaches 98.02% accuracy.