作者
Ke Tian, Danfeng Yao, Barbara G Ryder, Gang Tan, Guojun Peng
发表日期
2017/8/29
期刊
IEEE Transactions on Dependable and Secure Computing
卷号
17
期号
1
页码范围
64-77
出版商
IEEE
简介
During repackaging, malware writers statically inject malcode and modify the control flow to ensure its execution. Repackaged malware is difficult to detect by existing classification techniques, partly because of their behavioral similarities to benign apps. By exploring the app's internal different behaviors, we propose a new Android repackaged malware detection technique based on code heterogeneity analysis. Our solution strategically partitions the code structure of an app into multiple dependence-based regions (subsets of the code). Each region is independently classified on its behavioral features. We point out the security challenges and design choices for partitioning code structures at the class and method level graphs, and present a solution based on multiple dependence relations. We have performed experimental evaluation with over 7,542 Android apps. For repackaged malware, our partition-based …
引用总数
2017201820192020202120222023202421110172016117
学术搜索中的文章
K Tian, D Yao, BG Ryder, G Tan, G Peng - IEEE Transactions on Dependable and Secure …, 2017