N-opcode analysis for android malware classification and categorization

BooJoong Kang, Suleiman Y. Yerima, Kieran McLaughlin, Sakir Sezer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

91 Citations (Scopus)
511 Downloads (Pure)

Abstract

Malware detection is a growing problem particularly on the Android mobile platform due to its increasing popularity and accessibility to numerous third party app markets. This has also been made worse by the increasingly sophisticated detection avoidance techniques employed by emerging malware families. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper we present an n-opcode analysis based approach that utilizes machine learning to classify and categorize Android malware. This approach enables automated feature discovery that eliminates the need for applying expert or domain knowledge to define the needed features. Our experiments on 2520 samples that were performed using up to 10-gram opcode features showed that an f-measure of 98% is achievable using this approach.
Original languageEnglish
Title of host publicationCyber Security: Proceedings of the 2016 International Conference on Cyber Security and Protection of Digital Services
Place of PublicationUnited Kingdom
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages7
ISBN (Electronic)978-1-5090-0709-7
ISBN (Print)978-1-5090-0710-3
DOIs
Publication statusPublished - 11 Jul 2016
EventCyber Security and Protection of Digital Services - London, United Kingdom
Duration: 13 Jun 201614 Jun 2016

Conference

ConferenceCyber Security and Protection of Digital Services
Abbreviated titleCyber Security
Country/TerritoryUnited Kingdom
CityLondon
Period13/06/201614/06/2016

Fingerprint

Dive into the research topics of 'N-opcode analysis for android malware classification and categorization'. Together they form a unique fingerprint.

Cite this