How I Met Your Mother? - An Empirical Study about Android Malware Phylogenesis

Gerardo Canfora, Francesco Mercaldo, Antonio Pirozzi, Corrado Aaron Visaggio

2016

Abstract

Android malware is becoming more and more aggressive, both in its impact on the victim’s device and in its ability to evade detection. Attackers target not only smartphones and the sensitive information they hold, but also devices such as watches, glasses and anything else that can be connected to the Internet of Things. Current signature-based antimalware and anomaly-based detection are not able to detect zero-day attacks: even trivial code transformations can overcome detection. New malware is often not really new: malware writers commonly add functionality to existing malware, or merge different pieces of existing malware code. This gives rise to the families of Android malware, i.e. malware programs that have some essential features or behaviors in common and modify some other parts. Being able to recognize the malware family a sample belongs to is useful for malware analysis, fast infection response, and quick incident resolution. In this paper we introduce DescentDroid, a tool that traces back the malware descendant family. We evaluate our technique on an extended dataset comprising malware and trusted applications, obtaining high precision in recognizing malware family membership.

Paper Citation


in Harvard Style

Canfora G., Mercaldo F., Pirozzi A. and Visaggio C. (2016). How I Met Your Mother? - An Empirical Study about Android Malware Phylogenesis. In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 310-317. DOI: 10.5220/0005968103100317

in Bibtex Style

@conference{secrypt16,
author={Gerardo Canfora and Francesco Mercaldo and Antonio Pirozzi and Corrado Aaron Visaggio},
title={How I Met Your Mother? - An Empirical Study about Android Malware Phylogenesis},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={310-317},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005968103100317},
isbn={978-989-758-196-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - How I Met Your Mother? - An Empirical Study about Android Malware Phylogenesis
SN - 978-989-758-196-0
AU - Canfora G.
AU - Mercaldo F.
AU - Pirozzi A.
AU - Visaggio C.
PY - 2016
SP - 310
EP - 317
DO - 10.5220/0005968103100317