Analysis of Android Malware Family Characteristic Based on Isomorphism of Sensitive API Call Graph
- Resource Type: Conference
- Authors: Zhou, Hao; Zhang, Wei; Wei, Fengqiong; Chen, Yunfang
- Source: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp. 319-327, Jun 2017
- Subject: Computing and Processing; Malware; Androids; Humanoid robots; Heuristic algorithms; Algorithm design and analysis; Libraries; Mobile communication; android; malware analysis; sensitive API call graph
- Language
The analysis of multiple Android malware families indicates that malware instances within a common malware family always have similar call graph structures. Based on the isomorphism of the sensitive API call graph, we propose a method that constructs malware family features by combining a static analysis approach with a graph similarity metric. The experiment is performed on a malware dataset that contains 1326 malware samples from 16 different malware families. The result shows that the method can differentiate distinct malware family features and divide suspect malware samples into their corresponding families with a high overall accuracy of 96.77%, and can even resist a certain degree of obfuscation.