SEMANTIC MODELLING OF ANDROID MALWARE FOR EFFECTIVE MALWARE COMPREHENSION,

DETECTION AND CLASSIFICATION

Constructed DSA of attacks

DSA & OBA depicts the essential invocation

of APIs in a malicious behavior

Android Malware

- 30.6% of apps are potential harmful apps

- Including privacy leakage, privilege escalation,

and ransomware.

Motivation

- Semantic modeling, identify malware essences

- Combined detection, scalability & precision

- Attack identification, understand attacks

For known Android malware

- Learn DSA & OBA

- Extract feature for training

For Android Apps to test

- Extract feature and do classification

- Generate DFA to do family classification

- Identify OBA to determine attacks

INTRODUCTION CONSTRUCTION OF DSA

EVALUATIONSYSTEM OVERVIEW

Guozhu Meng, Yinxing Xue and Yang Liu. School of Computer Science and Engineering, NTU