標題: | Security Semantics Modeling with Progressive Distillation |
作者: | Shen, Zong-Xian Hsu, Chia-Wei Shieh, Shiuhpyng Winston 資訊工程學系 Department of Computer Science |
關鍵字: | Repackaged apps;malware;Android |
公開日期: | 1-Nov-2017 |
摘要: | The prevalence of Android platform has attracted adversaries to craft malicious payloads for illegal profit. Such malicious artifacts are frequently reused and embedded in benign, paid apps to lure victims that the apps have been cracked for free. To discover these fraudulent apps, administrators of app markets desire an automated scanning process to maintain the health of app ecosystem. However, conventional approaches cannot be efficiently applied due to the lack of a scalable, effective approach to malware characteristics aggregation. On the other hand, the vast number of apps significantly increases the analysis complexity. In this paper, we propose Petridish which generates discriminative models against the repacked malicious apps. These representative models of malicious semantics can be progressively distilled with malign and benign samples. These models can further detect repacked malicious apps. Our experiment shows that, after two retraining rounds, Petridish achieved an average of 28 percent progressive detection improvement from 63 to 91.2 percent for the large families, exceeding 38 test samples in size. With noise reduction, it accomplished 88 percent detection rate and 1.7 percent false alarm rate. The characteristics aggregation approach will become critical in the age of app explosion. |
URI: | http://dx.doi.org/10.1109/TMC.2017.2690425 http://hdl.handle.net/11536/143875 |
ISSN: | 1536-1233 |
DOI: | 10.1109/TMC.2017.2690425 |
期刊: | IEEE TRANSACTIONS ON MOBILE COMPUTING |
Volume: | 16 |
起始頁: | 3196 |
結束頁: | 3208 |
Appears in Collections: | Articles |