DroidGraph: Discovering Android malware by analyzing semantic behavior

Jonghoon Kwon, Jihwan Jeong, Jehyun Lee, Heejo Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

Mobile malware has been recently recognized as a significant problem in accordance with the rapid growth of the market share for smartphones. Despite of the numerous efforts to thwart the growth of mobile malware, the number of mobile malware is getting increased by evolving themselves. By applying, for example, code obfuscation or junk code insertion, mobile malware is able to manipulate its appearance while maintains the same functionality, thus mobile malware can easily evade the existing anti-mobile-malware solutions. In this paper, we focus on Android malware and propose a new method called DroidGraph to discover the evolved Android malware. DroidGraph leverages the semantics of Android malware. More precisely, we transform an APK file for Android malware to hierarchical behavior graphs that represent with 136 identical nodes based on the semantics of Android API calls. Then, we select unique behavior graphs as semantic signatures describing common behaviors for Android malware. In evaluation, DroidGraph shows approximately 87% of detection accuracy with only 40 semantic signatures against 260 real-world Android malware, and no false positives for 3,623 benign applications.

Original languageEnglish
Title of host publication2014 IEEE Conference on Communications and Network Security, CNS 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages498-499
Number of pages2
ISBN (Electronic)9781479958900
DOIs
Publication statusPublished - 2014 Dec 23
Event2014 IEEE Conference on Communications and Network Security, CNS 2014 - San Francisco, United States
Duration: 2014 Oct 292014 Oct 31

Publication series

Name2014 IEEE Conference on Communications and Network Security, CNS 2014

Other

Other2014 IEEE Conference on Communications and Network Security, CNS 2014
Country/TerritoryUnited States
CitySan Francisco
Period14/10/2914/10/31

Keywords

  • Android Malware
  • Semantic Analysis

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'DroidGraph: Discovering Android malware by analyzing semantic behavior'. Together they form a unique fingerprint.

Cite this