UCL logo

UCL Discovery

UCL home » Library Services » Electronic resources » UCL Discovery

Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware

Hurier, M; Suarez-Tangil, G; Dash, SK; Bissyande, TF; Le Traon, Y; Klein, J; Cavallaro, L; (2017) Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware. In: Proceedings of the 2017 IEEE/ACM 14th International Conference on Mining Software Repositories (MSR). (pp. pp. 425-435). IEEE: Buenos Aires, Argentina. Green open access

[img]
Preview
Text
2017msr-euphony.pdf - ["content_typename_Accepted version" not defined]

Download (565kB) | Preview

Abstract

Android malware is now pervasive and evolving rapidly. Thousands of malware samples are discovered every day with new models of attacks. The growth of these threats has come hand in hand with the proliferation of collective repositories sharing the latest specimens. Having access to a large number of samples opens new research directions aiming at efficiently vetting apps. However, automatically inferring a reference ground-truth from those repositories is not straightforward and can inadvertently lead to unforeseen misconceptions. On the one hand, samples are often mis-labeled as different parties use distinct naming schemes for the same sample. On the other hand, samples are frequently mis-classified due to conceptual errors made during labeling processes. In this paper, we analyze the associations between all labels given by different vendors and we propose a system called EUPHONY to systematically unify common samples into family groups. The key novelty of our approach is that no a-priori knowledge on malware families is needed. We evaluate our approach using reference datasets and more than 0.4 million additional samples outside of these datasets. Results show that EUPHONY provides competitive performance against the state-of-the-art.

Type: Proceedings paper
Title: Euphony: Harmonious Unification of Cacophonous Anti-Virus Vendor Labels for Android Malware
Event: IEEE/ACM 14th International Conference on Mining Software Repositories (MSR) 2017
Location: Buenos Aires, ARGENTINA
Dates: 20 May 2017 - 21 May 2017
Open access status: An open access version is available from UCL Discovery
DOI: 10.1109/MSR.2017.57
Publisher version: https://doi.org/10.1109/MSR.2017.57
Language: English
Additional information: This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions.
Keywords: malware; android; ground-truth; datasets; labeling
UCL classification: UCL > Provost and Vice Provost Offices
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: http://discovery.ucl.ac.uk/id/eprint/10062704
Downloads since deposit
41Downloads
Download activity - last month
Download activity - last 12 months
Downloads by country - last 12 months

Archive Staff Only

View Item View Item