Kevin Allix
Jacques Klein
ABSTRACT
We present a growing collection of Android Applications collected from several sources, including the official Google Play app market. Our dataset, AndroZoo, currently contains more than three million apps, each of which has been analysed by tens of different Antivirus products to know which applications are detected as Malware. We provide this dataset to contribute to ongoing research efforts, as well as to enable new potential research topics on Android Apps. By releasing our dataset to the research community, we also aim at encouraging our fellow researchers to engage in reproducible experiments.
- K. Allix, T. F. Bissyandé, Q. Jerome, J. Klein, R. State, and Y. Le Traon. Empirical assessment of machine learning-based malware detectors for android: Measuring the gap between in-the-lab and in-the-wild validation scenarios. Empirical Software Engineering, pages 1--29, 2014. Google Scholar
Digital Library
- K. Allix, T. F. Bissyandé, J. Klein, and Y. Le Traon. Are your training datasets yet relevant? an investigation into the importance of timeline in machine learning-based malware detection. In Engineering Secure Software and Systems, volume 8978 of LNCS, pages 51--67. Springer International Publishing, 2015.Google ScholarCross Ref
- K. Allix, Q. Jérome, T. F. Bissyandé, J. Klein, R. State, and Y. Le Traon. A forensic analysis of android malware: How is malware written and how it could be detected? In Computer Software and Applications Conference (COMPSAC), 2014. Google ScholarDigital Library
- G. Hecht, O. Benomar, R. Rouvoy, N. Moha, and L. Duchien. Tracking the software quality of android applications along their evolution. In Automated Software Engineering (ASE), 2015 30th IEEE/ACM International Conference on, pages 236--247, Nov 2015.Google ScholarDigital Library
- L. Li, A. Bartel, T. F. Bissyandé, J. Klein, Y. Le Traon, S. Arzt, S. Rasthofer, E. Bodden, D. Octeau, and P. McDaniel. Iccta: Detecting inter-component privacy leaks in android apps. In Software Engineering (ICSE), 2015 IEEE/ACM 37th IEEE International Conference on, volume 1, pages 280--291, May 2015. Google ScholarDigital Library
- Y. Zhou and X. Jiang. Dissecting android malware: Characterization and evolution. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, SP '12, pages 95--109, Washington, DC, USA, 2012. IEEE. Google ScholarDigital Library
Index Terms
- AndroZoo: collecting millions of Android apps for the research community
Recommendations
ShamDroid: gracefully degrading functionality in the presence of limited resource access
OOPSLA 2015: Proceedings of the 2015 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and ApplicationsGiven a program whose functionality depends on access to certain external resources, we investigate the question of how to gracefully degrade functionality when a subset of those resources is unavailable. The concrete setting motivating this problem ...
ShamDroid: gracefully degrading functionality in the presence of limited resource access
OOPSLA '15Given a program whose functionality depends on access to certain external resources, we investigate the question of how to gracefully degrade functionality when a subset of those resources is unavailable. The concrete setting motivating this problem ...
Android Malware Detection Based on Static Analysis of Characteristic Tree
CYBERC '15: Proceedings of the 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge DiscoveryThe number of mobile malware is greatly increasing and the malware detection malware has become a critical problem. Android is fast becoming the most popular mobile platform resulting in quick increase in malware targeting the platform. Current static-...
Reviews
James Harold Davenport
This is basically a data collection paper. How did the authors collect more than three million free Android apps (more than 20 terabytes) The answer: it's somewhat more delicate than one might have thought. In particular, one should avoid triggering the source's defenses. Deduplication is also a problem, as is distinguishing a source with no changes from a source that has changed in such a way that we don't detect the changes. They also give some statistics: 60 percent of the apps are from Google Play, and two Chinese markets account for a little less than 20 percent each. While 22 percent of the Google Play apps trigger at least one of the antivirus products at VirusTotal, less than one percent trigger ten or more of them. This is in marked contrast to the Chinese stores (where 33 percent and 17 percent, respectively, trigger at least ten) or another store where 100 percent do. The dataset is available, though the authors have some important caveats based on "the lack of a clear, universal copyright exemption for research." The authors use this tool in their own research, for which it is good to have the data collection methodology so clearly described.
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments