Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Jang, Jae-wook | - |
| dc.contributor.author | Kang, Hyunjae | - |
| dc.contributor.author | Woo, Jiyoung | - |
| dc.contributor.author | Mohaisen, Aziz | - |
| dc.contributor.author | Kim, Huy Kang | - |
| dc.date.accessioned | 2021-09-04T00:17:00Z | - |
| dc.date.available | 2021-09-04T00:17:00Z | - |
| dc.date.created | 2021-06-18 | - |
| dc.date.issued | 2016-05 | - |
| dc.identifier.issn | 0167-4048 | - |
| dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/88832 | - |
| dc.description.abstract | With the fast growth in mobile technologies and the accompanied rise of the integration of such technologies into our everyday life, mobile security is viewed as one of the most prominent areas and is being addressed accordingly. For that, and especially to address the threat associated with malware, various malware-centric analysis methods are developed in the literature to identify, classify, and defend against mobile threats and malicious actors. However, along with this development, anti-malware analysis techniques, such as packing, dynamic loading, and dex encryption, have seen wide adoption, making existing malware-centric analysis methods less effective. In this paper, we propose a feature-rich hybrid anti-malware system, called Andro-Dumpsys, which leverages volatile memory acquisition for accurate malware detection and classification. Andro-Dumpsys is based on similarity matching of malware creator-centric and malware-centric information. Using Andro-Dumpsys, we detect and classify malware samples into similar behavior groups by exploiting their footprints, which are equivalent to unique behavior characteristics. Our experimental results demonstrate that Andro-Dumpsys is scalable, and performs well in detecting malware and classifying malware families with low false positives and false negatives, and is capable of responding zero-day threats. (C) 2016 Elsevier Ltd. All rights reserved. | - |
| dc.language | English | - |
| dc.language.iso | en | - |
| dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
| dc.title | Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
| dc.identifier.doi | 10.1016/j.cose.2015.12.005 | - |
| dc.identifier.scopusid | 2-s2.0-84954211474 | - |
| dc.identifier.wosid | 000372764600008 | - |
| dc.identifier.bibliographicCitation | COMPUTERS & SECURITY, v.58, pp.125 - 138 | - |
| dc.relation.isPartOf | COMPUTERS & SECURITY | - |
| dc.citation.title | COMPUTERS & SECURITY | - |
| dc.citation.volume | 58 | - |
| dc.citation.startPage | 125 | - |
| dc.citation.endPage | 138 | - |
| dc.type.rims | ART | - |
| dc.type.docType | Article | - |
| dc.description.journalClass | 1 | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.subject.keywordAuthor | Volatile memory acquisition | - |
| dc.subject.keywordAuthor | Similarity | - |
| dc.subject.keywordAuthor | Malware creator centric information | - |
| dc.subject.keywordAuthor | Mobile malware | - |
| dc.subject.keywordAuthor | Android | - |
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.