Andro-AutoPsy: Anti-malware system based on similarity matching of malware and malware creator-centric information
1. IntroductionAndro-AutoPsy is an anti-malware system based on similarity matching of malware-centric and malware creator-centric information. Our system classifies malware samples into similar subgroups by exploiting the profiles extracted from integrated footprints, which are implicitly equivalent to distinct behavior characteristics. Andro-AutoPsy is capable of distinguishing benign and malicious applications and classifying malicious applications into similar behavior groups. Furthermore, Andro-AutoPsy is capable of detecting zero-day threats, which are missed by antivirus scanners.
2. PublicationJae-wook Jang, Hyunjae Kang, Jiyoung Woo, Aziz Mohaisen, and Huy Kang Kim, “Andro-AutoPsy: Anti-malware system based on similarity matching of malware and malware creator-centric information,” Digital Investigation, vol. 14, pp. 17–35, 2015.
3. Dataset ReleaseFor academic purposes, we are happy to release our dataset. However, to avoid indiscriminate distribution of mobile malware, please send us a request sent by your official email account.Contact : Huy Kang Kim (cenda at korea.ac.kr)
- Textual description of dataset [ download ]
4. AcknowledgementAndro-AutoPsy is developed by Hacking and Countermeasure Research Lab in the Graduate School of Information Security at the Korea University of Korea.Please contact “Huy Kang Kim” (cenda at korea.ac.kr) if you have any question.