Malware targeting Android OS has been increasing for years and Android malware cyberattacks in particular are growing in number. To provide effective countermeasures against Android malware, we need to not only detect the malware at a certain point in time but also analyze the time-series changes in the malware, given that the family of Android malware will increase in number over time. In this paper, we propose a new method for automatically creating a “family tree” of Android malware that can represent how the newly detected Android malware relates to existing Android malware and its families and how they have changed over time. Our evaluation based on two actual Android malware datasets shows that our proposed family tree can accurately represent time-series changes between malware families.
ASJC Scopus subject areas
- コンピュータ サイエンス（全般）