Andro-Simnet: Malware classification system based on the similarity network of malware 

1. Introduction

Andro-Simnet is an malware classification system based on the similarity network of malware. We applied a social network analysis method to our system so that it can classify malware into one's family accroding to the similar relation of malware. We used features, which are permission, API call sequence, refered file name, activity name, to get the final similarity of malware. Therefore, Andro-Simnet can classify malware samples with signature-based information and behavior-based information.

2. Publication

3. Demo Video

4. Dataset Release

For academic purposes, we are happy to release our dataset. If you use our dataset in your experiment, please cite our paper. 

5. Acknowledgement

Andro-Simnet is developed by Hacking and Countermeasure Research Lab in the Graduate School of Information Security at the Korea University of Korea.

Please contact “Huy Kang Kim” (cenda at if you have any question.