Digital Library [Search Result]
Analyzing the Effects of API Calls in Android Malware Detection Using Machine Learning
Seonghyun Park, Munyeong Kang, Jihyeon Park, Seong-je Cho, Sangchul Han
http://doi.org/10.5626/JOK.2021.48.3.257
This paper evaluates the effect of preprocessing and representing API call information on the accuracy of the system to detect malicious Android apps. We extract API calls that access or control sensitive data from target apps, and use the calls in machine learning algorithms to detect malicious apps. We then determine which expression of the API calls is most effective in classifying the apps as malicious or benign. Four ways of representing each API call are considered: class/method name with and without arguments/return type, and its presence (whether an API is called or not) and its frequency if called. The detection system has performed slightly better when the arguments/return type and the frequency of each API call were considered together. Its feature size was most efficient when considering the class/method name and the presence of each API call.
Distribution of Malicious Apps Considering App Categories and Development Tools in Major Android Markets
Jihwan Oh, Myeonggeon Lee, SeongJe Cho, Sangchul Han
http://doi.org/10.5626/JOK.2019.46.2.109
According to recent cyber security analysis reports, there are numerous malicious apps available in online markets. In this paper, we analyzed the portion of malicious apps by market, main category, and cross-platform development tools for apps distributed on Android's official market (Google Play) and a third-party market (Amazon Appstore). The apps were collected from the 13 main categories of the markets and examined using the VirusTotal service. We classified them into benign apps, malware, and potentially-unwanted applications (PUA). The percentage of each category and development tool used was then quantified. The distribution of malicious apps created with primary cross-platform development tools was also measured. Out of the total 22,615 apps collected, 4,741 of them were found to be malicious apps. The percentage of malicious apps was found to be 14.39% and 24.85% in Google Play and Amazon Appstore respectively. The categories with the highest percentage of malicious apps were Utilities (19.8%) and Weather (19.1%) in Google Play, and Social (40.2%), Travel&Local (36.3%) and Weather (34.9%) in Amazon Appstore. Caution should be exercised when users install apps from these categories. Additionally, the percentage of malicious apps written using cross-platform development tools was 17.8%, a dramatic increase in comparison to previous statistics.
Classifying Windows Executables using API-based Information and Machine Learning
DaeHee Cho, Kyeonghwan Lim, Seong-je Cho, Sangchul Han, Young-sup Hwang
Software classification has several applications such as copyright infringement detection, malware classification, and automatic software categorization in software repositories. It can also be employed by software filtering systems to prevent the transmission of illegal software. If illegal software is identified by measuring software similarity in software filtering systems, the average number of comparisons can be reduced by shrinking the search space. In this study, we focused on the classification of Windows executables using API call information and machine learning. We evaluated the classification performance of a machine learning-based classifier according to the refinement method for API information and the machine learning algorithm. The results showed that the classification success rate of SVM (Support Vector Machine) with PolyKernel was higher than other algorithms. Since the API call information can be extracted from binary executables and a machine learning-based classifier can identify tampered executables, API call information and machine learning-based software classifiers are suitable for software filtering systems.
Energy-aware EDZL Real-Time Scheduling on Multicore Platforms
Mobile real-time systems with limited system resources and a limited power source need to fully utilize the system resources when the workload is heavy and reduce energy consumption when the workload is light. EDZL (Earliest Deadline until Zero Laxity), a multiprocessor real-time scheduling algorithm, can provide high system utilization, but little work has been done aimed at reducing its energy consumption. This paper tackles the problem of DVFS (Dynamic Voltage/Frequency Scaling) in EDZL scheduling. It proposes a technique to compute a uniform speed on full-chip DVFS platforms and individual speeds of tasks on per-core DVFS platforms. This technique, which is based on the EDZL schedulability test, is a simple but effective one for determining the speeds of tasks offline. We also show through simulation that the proposed technique is useful in reducing energy consumption.

Journal of KIISE
- ISSN : 2383-630X(Print)
- ISSN : 2383-6296(Electronic)
- KCI Accredited Journal