Android malware development on public malware scanning platforms: A large-scale data-driven study
Huang et al., 2016
- Document ID
- 16617975514997632081
- Author
- Huang H
- Zheng C
- Zeng J
- Zhou W
- Zhu S
- Liu P
- Chari S
- Zhang C
- Publication year
- Publication venue
- 2016 IEEE International Conference on Big Data (Big Data)
Snippet
Android malware scanning services (e.g., VirusTotal) are websites to which users submit suspicious Android programs and get an array of malware detection results. With the growing popularity of such websites, we suspect that these services are not only used by …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Similar Documents
Publication | Title |
---|---|
Sejfia et al. | Practical automated detection of malicious npm packages |
Zhan et al. | Atvhunter: Reliable version detection of third-party libraries for vulnerability identification in android applications |
Bernardi et al. | Dynamic malware detection and phylogeny analysis using process mining |
Hammad et al. | A large-scale empirical study on the effects of code obfuscations on android apps and anti-malware products |
Herron et al. | Machine learning-based android malware detection using manifest permissions |
Potharaju et al. | Plagiarizing smartphone applications: attack strategies and defense techniques |
Lindorfer et al. | AndRadar: fast discovery of android applications in alternative markets |
Cen et al. | A probabilistic discriminative model for android malware detection with decompiled source code |
Rieck et al. | Automatic analysis of malware behavior using machine learning |
Huang et al. | Android malware development on public malware scanning platforms: A large-scale data-driven study |
Narouei et al. | DLLMiner: structural mining for malware detection |
Allix et al. | A Forensic Analysis of Android Malware--How is Malware Written and How it Could Be Detected? |
Zakeri et al. | A static heuristic approach to detecting malware targets |
Khanmohammadi et al. | Empirical study of android repackaged applications |
Aslan et al. | Using a subtractive center behavioral model to detect malware |
Atzeni et al. | Countering android malware: A scalable semi-supervised approach for family-signature generation |
Rafiq et al. | AndroMalPack: enhancing the ML-based malware classification by detection and removal of repacked apps for Android systems |
Mateless et al. | Decompiled APK based malicious code classification |
Korine et al. | DAEMON: dataset/platform-agnostic explainable malware classification using multi-stage feature mining |
Ladisa et al. | On the feasibility of cross-language detection of malicious packages in npm and pypi |
Huang et al. | A large-scale study of android malware development phenomenon on public malware submission and scanning platform |
Gandotra et al. | Tools & Techniques for Malware Analysis and Classification. |
Dahiya et al. | Android malware analysis and detection: A systematic review |
Yuan et al. | Towards Large-Scale hunting for android Negative-Day malware |
Bernardi et al. | Data-aware process discovery for malware detection: an empirical study |