Conference papers

Pre-filtering Mobile Malware with Heuristic Techniques

Ludovic Apvrille 1, 2 Axelle Apvrille 
1 LabSoC - System on Chip
LTCI - Laboratoire Traitement et Communication de l'Information
Abstract: With huge amounts of new Android applications released every day, in dozens of different marketplaces, Android malware unfortunately has no difficulty sneaking in and silently spreading, which puts high pressure on antivirus teams. To try and spot such malware more easily, we built an infrastructure, named SherlockDroid, whose goal is to filter the mass of applications and keep only those which are the most likely to be malicious for future inspection by anti-virus teams. SherlockDroid is made of marketplace crawlers, code-level property extractors and data mining software which decides whether the sample looks malicious or not. This data mining part is named Alligator, and is the main focus of the paper. Alligator classifies samples using clustering techniques. It first relies on a learning phase that determines the intermediate scores to apply to the clustering algorithms of Alligator. Second, an operational phase classifies new samples using the previously selected algorithms and scores. Alligator has been trained over an extensive set of both genuine Android applications and known malware. Then, it was tested for proactiveness over new and more recent applications. The results are very encouraging and demonstrate the efficiency of this first heuristics engine for pre-filtering Android malware.
Contributor : TelecomParis HAL
Submitted on : Friday, September 13, 2019 - 4:16:51 PM
Last modification on : Saturday, April 9, 2022 - 11:02:01 AM


  • HAL Id : hal-02286857, version 1


Ludovic Apvrille, Axelle Apvrille. Pre-filtering Mobile Malware with Heuristic Techniques. GreHaCk'2013, Nov 2013, Grenoble, France. ⟨hal-02286857⟩


