TY - GEN
T1 - Auto-creation of Android Malware Family Tree
AU - Nomura, Kazuya
AU - Chiba, Daiki
AU - Akiyama, Mitsuaki
AU - Uchida, Masato
N1 - Funding Information:
VII. CONCLUSION: We proposed a new method for creating a family tree which is based on time-series changes of Android malware. Our evaluation using 24,474 actual Android malware APKs showed the validity and effectiveness of our created family tree. By creating a family tree through our method, we can obtain a significant amount of information regarding new malware and its trends. We hope that our method can be applied for a more efficient analysis of the ever-increasing Android malware APKs and as a useful threat intelligence approach linked to historical information. ACKNOWLEDGMENT: This work was supported in part by the Japan Society for the Promotion of Science through Grants-in-Aid for Scientific Research (C) (20K11800). We thank Naoki Fukushi for the valuable discussion.
Publisher Copyright:
© 2021 IEEE.
PY - 2021/6
Y1 - 2021/6
N2 - Android malware has been a growing threat. For an effective countermeasure against Android malware, we need to not only detect the malware at a certain point in time but also analyze the time-series changes of malware, taking into account that the family of Android malware will increase in number over time. In this paper, we propose a new method for automatically creating a family tree of Android malware that can represent how the newly detected Android malware is related to existing Android malware and its families, and how they have changed over time. Our evaluation using 24,474 actual Android malware APKs shows that our proposed family tree is able to accurately represent time-series changes between malware families.
AB - Android malware has been a growing threat. For an effective countermeasure against Android malware, we need to not only detect the malware at a certain point in time but also analyze the time-series changes of malware, taking into account that the family of Android malware will increase in number over time. In this paper, we propose a new method for automatically creating a family tree of Android malware that can represent how the newly detected Android malware is related to existing Android malware and its families, and how they have changed over time. Our evaluation using 24,474 actual Android malware APKs shows that our proposed family tree is able to accurately represent time-series changes between malware families.
KW - Android
KW - Family tree
KW - Malware
UR - http://www.scopus.com/inward/record.url?scp=85115689093&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85115689093&partnerID=8YFLogxK
U2 - 10.1109/ICC42927.2021.9500876
DO - 10.1109/ICC42927.2021.9500876
M3 - Conference contribution
AN - SCOPUS:85115689093
T3 - IEEE International Conference on Communications
BT - ICC 2021 - IEEE International Conference on Communications, Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2021 IEEE International Conference on Communications, ICC 2021
Y2 - 14 June 2021 through 23 June 2021
ER -