
Tuesday, November 8, 2016

Android Malware Dataset - Andro-Dumpsys

Andro-Dumpsys: Anti-Malware System Based on the Similarity of Malware Creator and Malware Centric Information



1.  Introduction
Andro-Dumpsys is an anti-malware system based on similarity matching of malware-centric and malware-creator-centric information. Our system runs a target application on an emulator and extracts its odex bytecode, which contains the parts of an application that are optimized before boot, by acquiring volatile memory (dynamic analysis); working from the in-memory odex rather than the packaged dex lets the system cope with obfuscation, packing and dynamic loading techniques. Then, our system parses meaningful and relevant code patterns from the odex file and creates a profile of each application. In particular, to capture the intent of the malware creator, we leverage footprints, including the serial number of the signing certificate, operation codes (opcodes) in odex files, and meta-data in AndroidManifest.xml, as feature vectors for malware characterization. By comparing the profiles, our system can detect and classify malware samples into related families.
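To make the profile-comparison idea concrete, here is an added toy matcher (example code, not the paper's or the lab's implementation). The three feature groups are the ones the page names: certificate serial, opcode counts from the odex file and AndroidManifest.xml metadata; the similarity measures, weights, threshold and all sample profiles are constructed assumptions for illustration.

```python
"""Toy profile-similarity family matcher in the spirit of Andro-Dumpsys.
Added example; weights, measures and sample data are assumptions."""
from collections import Counter
from dataclasses import dataclass
import math


@dataclass
class Profile:
    name: str
    cert_serial: str      # serial number of the signing certificate (hex string)
    opcodes: Counter      # opcode mnemonic -> count, as parsed from the odex file
    manifest: frozenset   # permissions / metadata taken from AndroidManifest.xml


def cosine(a: Counter, b: Counter) -> float:
    """Cosine similarity of two opcode histograms (0.0 if either is empty)."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def jaccard(a: frozenset, b: frozenset) -> float:
    """Jaccard similarity of two manifest feature sets (0.0 if both empty)."""
    return len(a & b) / len(a | b) if a | b else 0.0


def similarity(p: Profile, q: Profile) -> float:
    """Weighted score in [0, 1]; the 0.4/0.4/0.2 weights are an assumption."""
    same_signer = 1.0 if p.cert_serial == q.cert_serial else 0.0
    return (0.4 * same_signer
            + 0.4 * cosine(p.opcodes, q.opcodes)
            + 0.2 * jaccard(p.manifest, q.manifest))


def classify(sample: Profile, known: list, threshold: float = 0.6):
    """Return (family, score) of the closest known profile, or ("unknown", score)."""
    best = max(known, key=lambda k: similarity(sample, k))
    score = similarity(sample, best)
    return (best.name, score) if score >= threshold else ("unknown", score)


# Constructed sample profiles; not real malware data.
KNOWN = [
    Profile("FamilyA", "0x4d2f", Counter({"invoke-virtual": 40, "const-string": 25, "iget": 10}),
            frozenset({"SEND_SMS", "READ_CONTACTS", "INTERNET"})),
    Profile("FamilyB", "0x936a", Counter({"invoke-static": 30, "new-instance": 20, "move-result": 15}),
            frozenset({"INTERNET", "ACCESS_NETWORK_STATE"})),
]
SAMPLE = Profile("sample", "0x4d2f", Counter({"invoke-virtual": 38, "const-string": 20, "iget": 12, "goto": 3}),
                 frozenset({"SEND_SMS", "INTERNET", "RECEIVE_SMS"}))

if __name__ == "__main__":
    print(classify(SAMPLE, KNOWN))  # the sample shares its signer and opcode mix with FamilyA
```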

2.  Publication
Jae-wook Jang, Hyunjae Kang, Jiyoung Woo, Aziz Mohaisen, Huy Kang Kim, Andro-Dumpsys: Anti-malware system based on the similarity of malware creator and malware centric information, Computers & Security, Volume 58, May 2016, Pages 125-138, ISSN 0167-4048, http://dx.doi.org/10.1016/j.cose.2015.12.005.

3.  Dataset Release
For academic purposes, we are happy to release our dataset. However, to avoid indiscriminate distribution of mobile malware, please send us a request from your official email account.
Contact : Huy Kang Kim (cenda at korea.ac.kr)
    • Textual description of dataset [ download ]  

4.  Acknowledgement
Andro-Dumpsys is developed by the Hacking and Countermeasure Research Lab in the Graduate School of Information Security at Korea University, Korea.
Please contact Huy Kang Kim (cenda at korea.ac.kr) if you have any questions.
