Research Article
Visual Analysis of Android Malware Behavior Profile Based on : A Pruned Lightweight APP Call Graph
@INPROCEEDINGS{10.1007/978-3-319-78813-5_23, author={Yan Zhang and Gui Peng and Lu Yang and Yazhe Wang and Minghui Tian and Jianxing Hu and Liming Wang and Chen Song}, title={Visual Analysis of Android Malware Behavior Profile Based on : A Pruned Lightweight APP Call Graph}, proceedings={Security and Privacy in Communication Networks. 13th International Conference, SecureComm 2017, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings}, proceedings_a={SECURECOMM}, year={2018}, month={4}, keywords={Android malware analysis Malware visualization Machine learning Assisted manual analysis}, doi={10.1007/978-3-319-78813-5_23} }- Yan Zhang
Gui Peng
Lu Yang
Yazhe Wang
Minghui Tian
Jianxing Hu
Liming Wang
Chen Song
Year: 2018
Visual Analysis of Android Malware Behavior Profile Based on : A Pruned Lightweight APP Call Graph
SECURECOMM
Springer
DOI: 10.1007/978-3-319-78813-5_23
Abstract
In recent years, there is a sharp increasing in the number of malicious APPs on the Android platform, so how to identify new type of Android malware and its malicious behaviors has been a hot research topic in the security community. This paper presents a visualization framework to help security analysts precisely distinguish malicious profiles of APPs. By labeling target nodes, adding implicit call edges, pruning harmless branches, and a few other operations, we generate a new kind of call graph: . This graph not only has a sharp decrease in size comparing to the original APP call graph but also preserves the malicious core of malware well. Based on , visual interfaces are designed to assist users in checking the malicious behavior profile of samples with rich user interactive operations. We study real world samples to prove the usability and efficiency of our approach.
