SEMANTIC MODELLING OF ANDROID MALWARE FOR EFFECTIVE MALWARE COMPREHENSION, DETECTION AND CLASSIFICATION

Constructed DSA of attacks

DSA & OBA depict the essential invocation of APIs in a malicious behavior

Android Malware

- 30.6% of apps are potentially harmful apps

- Including privacy leakage, privilege escalation, and ransomware.

Motivation

- Semantic modeling, identify malware essences

- Combined detection, scalability & precision

- Attack identification, understand attacks

For known Android malware

- Learn DSA & OBA

- Extract features for training

For Android Apps to test

- Extract features and do classification

- Generate DFA to do family classification

- Identify OBA to determine attacks

INTRODUCTION

CONSTRUCTION OF DSA

EVALUATION

SYSTEM OVERVIEW

Guozhu Meng, Yinxing Xue and Yang Liu. School of Computer Science and Engineering, NTU