AndroTracker: Creator Information based Android Malware Classification System
1. Introduction
AndroTracker is a system which detects Android malware by incorporating creator’s information as a feature and classifies the malware into similar groups.
It enables fast detection of malware by using creator information such as serial number of certificate. Additionally, it analyzes malicious behaviors and permissions to increase detection accuracy.
AndroTracker also can classify malware based on similarity scoring.
2. Publication
Hyunjae Kang, Jae-wook Jang, Aziz Mohaisen, and Huy Kang Kim, “Detecting and Classifying Android Malware Using Static Analysis along with Creator Information,” International Journal of Distributed Sensor Networks, vol. 2015, Article ID 479174, 9 pages, 2015. doi:10.1155/2015/479174
Kang, Hyun Jae, et al. "Androtracker: Creator information based android malware classification system." Information Security Applications-15th International Workshop, WISA. Vol. 8909. 2014.
3. Dataset Release
For academic purposes, we are happy to release our dataset. However, to avoid indiscriminate distribution of mobile malware, you need the password to unzip the dataset. Please send us a request sent by your official email account. If you use our dataset for your experiment, please cite our papers.
Before downloading it, please read the following instructions carefully.
(1) The most of samples are zipped using 7zip.
(2) Then send e-mail to cenda at korea.ac.kr to get the decompress password. (Please identify your name, affiliation and purpose.)
(3) Please use these samples at your own risk.
Dataset Download Link: Download
Contact: Huy Kang Kim (cenda at korea.ac.kr)
4. Acknowledgement
AndroTracker is developed by the Hacking and Countermeasure Research Lab in the Graduate School of Information Security of the Korea University, Seoul, Korea.
Please contact “Huy Kang Kim” (cenda at korea.ac.kr) if you have any question.