Mining Android Apps for Anomalies

Authors: Andreas Zeller, Florian Groß, Alessandra Gorla, Ilaria Tavecchia, Konstantin Kuznetsov
Year of publication: 2015
Subject:
Source: The Art and Science of Analyzing Software Data
DOI: 10.1016/b978-0-12-411519-4.00010-0
Description: How do we know a program does what it claims to do? Our CHABADA prototype can cluster Android™ apps by their description topics and identify outliers in each cluster with respect to their API usage. A “weather” app that sends messages thus becomes an anomaly; likewise, a “messaging” app would typically not be expected to access the current location and would also be identified. In this paper we present a new approach for anomaly detection that improves the classification results of our original CHABADA paper [1]. Applied on a set of 22,500+ Android applications, our CHABADA prototype can now predict 74% of novel malware and as such, without requiring any known malware patterns, maintains a false positive rate close to 10%.
Database: OpenAIRE