TY - GEN
T1 - Collaboratively filtering malware infections
T2 - 50th ACM Turing Conference - China, ACM TUR-C 2017
AU - Hou, Jieqiong
AU - Qian, Haifeng
N1 - Publisher Copyright:
© 2017 ACM.
PY - 2017/5/12
Y1 - 2017/5/12
N2 - Malicious applications pose a threat to the security of the Android platform and Android smartphones often remain unprotected from novel malware. In this paper, we propose a Tensor filter, a collaborative approach for detection of Android malware, which extracting three feature sets into a three-order tensor A instead of a vector space. As the limited resources impede monitoring applications at run-time, Tensor filter performs a broad static analysis, gathering three contributed feature sets by a mathematical statistics method. These features are coded into a three-order tensor A and fitted an integrated tensor A∗ as well as deal with sparse problem by Tensor decomposition, which could reveal latent factors together. Tensor filter divides a large scale unknown applications into two categories, benign or malicious, according to integrated tensor A∗, and typical combination of features indicative for malware can be used for explaining the decisions of our method. In an evaluation with 60,420 applications and 10,000 malware samples Tensor filter outperforms several industrial malware detection tools with the accuracy of 82.5%.
AB - Malicious applications pose a threat to the security of the Android platform and Android smartphones often remain unprotected from novel malware. In this paper, we propose a Tensor filter, a collaborative approach for detection of Android malware, which extracting three feature sets into a three-order tensor A instead of a vector space. As the limited resources impede monitoring applications at run-time, Tensor filter performs a broad static analysis, gathering three contributed feature sets by a mathematical statistics method. These features are coded into a three-order tensor A and fitted an integrated tensor A∗ as well as deal with sparse problem by Tensor decomposition, which could reveal latent factors together. Tensor filter divides a large scale unknown applications into two categories, benign or malicious, according to integrated tensor A∗, and typical combination of features indicative for malware can be used for explaining the decisions of our method. In an evaluation with 60,420 applications and 10,000 malware samples Tensor filter outperforms several industrial malware detection tools with the accuracy of 82.5%.
KW - Collaborative filter
KW - Malware detection
KW - Tensor decomposition
UR - https://www.scopus.com/pages/publications/85021214050
U2 - 10.1145/3063955.3063983
DO - 10.1145/3063955.3063983
M3 - 会议稿件
AN - SCOPUS:85021214050
T3 - ACM International Conference Proceeding Series
BT - Proceedings of the ACM Turing 50th Celebration Conference - China, ACM TUR-C 2017
PB - Association for Computing Machinery
Y2 - 12 May 2017 through 14 May 2017
ER -