Reference : Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android M...
Scientific congresses, symposiums and conference proceedings : Paper published in a book
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/31441
Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware
English
Hurier, Médéric mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Suarez-Tangil, Guillermo mailto [University College London - UCL]
Dash, Santanu Kumar mailto [University College London - UCL]
Bissyande, Tegawendé François D Assise mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Klein, Jacques mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Cavallaro, Lorenzo mailto [Royal Holloway, University of London]
21-May-2017
MSR 2017
Yes
International
The 14th International Conference on Mining Software Repositories
from 20-05-2017 to 21-05-2017
Buenos Aires
Argentine
[en] malware ; android ; ground-truth ; datasets ; labelling
[en] Android malware is now pervasive and evolving rapidly. Thousands of malware samples are discovered every day with new models of attacks. The growth of these threats has come hand in hand with the proliferation of collective repositories sharing the latest specimens. Having access to a large number of samples opens new research directions aiming at efficiently vetting apps. However, automatically inferring a reference ground-truth from those repositories is not straightforward and can inadvertently lead to unforeseen misconceptions. On the one hand, samples are often mis-labeled as different parties use distinct naming schemes for the same sample. On the other hand, samples are frequently mis-classified due to conceptual errors made during labeling processes. In this paper, we analyze the associations between all labels given by different vendors and we propose a system called EUPHONY to systematically unify common samples into family groups. The key novelty of our approach is that no a-priori knowledge on malware families is needed. We evaluate our approach using reference datasets and more than 0.4 million additional samples outside of these datasets. Results show that EUPHONY provides competitive performance against the state-of-the-art.
University of Luxembourg: Interdisciplinary Centre for Security, Reliability and Trust - SNT
Researchers ; Professionals ; Students
http://hdl.handle.net/10993/31441
FnR ; FNR5921289 > Jacques Klein > AndroMap > Static Analysis For Android Security: Building the Map of Android Inter-Application Communication > 01/05/2014 > 30/04/2017 > 2013

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
PID4727047.pdfAuthor preprint552.56 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.