Abstract
The threat of Android malware is uprising quickly with the prevalence of smart mobile devices. Existing static analysis techniques on Android APK focus more on package configuration than on code itself. Android applications call system APIs to implement functionalities and to carry out behaviors. Malware of different types and code families share the same API usage pattern and call structures. This research proposes to construct for each APK its API-usage characteristics on different hierarchical layers of code, namely packets, classes and functions. A tree structure is used to describe and present such API-usage information. By comparing such tree structures, APK similarities are computed, and the clustering of APKs to reveal malware type/family categories becomes possible. Preliminary experiments validates the approach, and the result shows its effectiveness and precision promising.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
