Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Jang, Jae-wook | - |
dc.contributor.author | Kang, Hyunjae | - |
dc.contributor.author | Woo, Jiyoung | - |
dc.contributor.author | Mohaisen, Aziz | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.date.accessioned | 2021-09-04T00:17:00Z | - |
dc.date.available | 2021-09-04T00:17:00Z | - |
dc.date.created | 2021-06-18 | - |
dc.date.issued | 2016-05 | - |
dc.identifier.issn | 0167-4048 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/88832 | - |
dc.description.abstract | With the fast growth in mobile technologies and the accompanying rise of the integration of such technologies into our everyday life, mobile security is viewed as one of the most prominent areas and is being addressed accordingly. For that, and especially to address the threat associated with malware, various malware-centric analysis methods are developed in the literature to identify, classify, and defend against mobile threats and malicious actors. However, along with this development, anti-malware analysis techniques, such as packing, dynamic loading, and dex encryption, have seen wide adoption, making existing malware-centric analysis methods less effective. In this paper, we propose a feature-rich hybrid anti-malware system, called Andro-Dumpsys, which leverages volatile memory acquisition for accurate malware detection and classification. Andro-Dumpsys is based on similarity matching of malware creator-centric and malware-centric information. Using Andro-Dumpsys, we detect and classify malware samples into similar behavior groups by exploiting their footprints, which are equivalent to unique behavior characteristics. Our experimental results demonstrate that Andro-Dumpsys is scalable, performs well in detecting malware and classifying malware families with low false positives and false negatives, and is capable of responding to zero-day threats. (C) 2016 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
dc.title | Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.doi | 10.1016/j.cose.2015.12.005 | - |
dc.identifier.scopusid | 2-s2.0-84954211474 | - |
dc.identifier.wosid | 000372764600008 | - |
dc.identifier.bibliographicCitation | COMPUTERS & SECURITY, v.58, pp.125 - 138 | - |
dc.relation.isPartOf | COMPUTERS & SECURITY | - |
dc.citation.title | COMPUTERS & SECURITY | - |
dc.citation.volume | 58 | - |
dc.citation.startPage | 125 | - |
dc.citation.endPage | 138 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.subject.keywordAuthor | Volatile memory acquisition | - |
dc.subject.keywordAuthor | Similarity | - |
dc.subject.keywordAuthor | Malware creator centric information | - |
dc.subject.keywordAuthor | Mobile malware | - |
dc.subject.keywordAuthor | Android | - |