Abstract
Android malware unfortunately have little difficulty to sneak in marketplaces. While known malware and their variants are nowadays quite well detected by antivirus scanners, new unknown malware, which are fundamentally different from others (e.g. 0-day), remain an issue. To discover such new malware, the SherlockDroid framework filters masses of applications and only keeps the most likely to be malicious for future inspection by antivirus teams. Apart from crawling applications from marketplaces, SherlockDroid extracts code-level features, and then classifies unknown applications with Alligator. Alligator is a classification tool that efficiently and automatically combines several classification algorithms. To demonstrate the efficiency of our approach, we have extracted properties and classified over 600,000 applications during two crawling campaigns in July 2014 and October 2014, with the detection of one new malware, Android/Odpa.A!tr.spy, and two new riskware. With other findings, this increases SherlockDroid's Hall of Shame to 9 totally unknown malware and potentially unwanted applications.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
