Fingerprinting Android malware families
Nannan XIE;Xing WANG;Wei WANG;Jiqiang LIU
Journal: 《中国高等学校学术文摘·计算机科学》; Year (Volume), Issue: 2024(013)003
Abstract: The domination of the Android operating system in the market share of smart terminals has engendered increasing threats of malicious applications (apps). Research on Android malware detection has received considerable attention in academia and the industry. In particular, studies on malware families have been beneficial to malware detection and behavior analysis. However, identifying the characteristics of malware families and the features that can describe a particular family have been less frequently discussed in existing work. In this paper, we are motivated to explore the key features that can classify and describe the behaviors of Android malware families to enable fingerprinting the malware families with these features. We present a framework for signature-based key feature construction. In addition, we propose a frequency-based feature elimination algorithm to select the key features. Finally, we construct the fingerprints of ten malware families, including twenty key features in three categories. Results of extensive experiments using Support Vector Machine demonstrate that the malware family classification achieves an accuracy of 92% to 99%. The typical behaviors of malware families are analyzed based on