Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
Fri 31 May 2019 11:20 - 11:40 at Place du Canada - Machine Learning in Static Analysis Chair(s): Na Meng

The rapid growth of Android malware has posed severe security threats to smartphone users. On the basis of the familial trait of Android malware observed by previous work, the familial analysis is a promising way to help analysts better focus on the commonalities of malware samples within the same families, thus reducing the analytical workload and accelerating malware analysis. The majority of existing approaches rely on supervised learning and face three main challenges, i.e., low accuracy, low efficiency, and the lack of labeled dataset. To address these challenges, we first construct a fine-grained behavior model by abstracting the program semantics into a set of subgraphs. Then, we propose SRA, a novel feature that is obtained based on graph embedding techniques and represented as a vector, thus we can effectively reduce the high complexity of graph matching. After that, instead of training a classifier with labeled samples, we construct malware link network based on SRAs and apply community detection algorithms on it to group the unlabeled samples into groups. We implement these ideas in a system called GefDroid that performs Graph embedding based familial analysis of AnDroid malware using unsupervised learning. Moreover, we conduct extensive experiments to evaluate GefDroid on three datasets with ground truth. The results show that GefDroid can achieve high agreements (0.707-0.883 in term of NMI) between the clustering results and the ground truth. Furthermore, GefDroid requires only linear run-time overhead and takes around 8.6s to analyze a sample on average, which is faster than the prior arts.

Conference Day
Fri 31 May

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30
Machine Learning in Static AnalysisPapers / Technical Track at Place du Canada
Chair(s): Na MengVirginia Tech
11:00
20m
Talk
Training Binary Classifiers as Data Structure InvariantsTechnical Track
Technical Track
Facundo MolinaUniversidad Nacional de Rio Cuarto, Argentina, Renzo DegiovanniSnT, University of Luxembourg, Pablo PonzioDept. of Computer Science FCEFQyN, University of Rio Cuarto, Germán RegisUniversidad Nacional de Río Cuarto, Nazareno AguirreDept. of Computer Science FCEFQyN, University of Rio Cuarto, Marcelo F. FriasDept. of Software Engineering Instituto Tecnológico de Buenos Aires
11:20
20m
Talk
Graph Embedding based Familial Analysis of Android Malware using Unsupervised LearningTechnical Track
Technical Track
Ming FanMOEKLINNS Lab, Department of Computer Science and Technology, Xi'an Jiaotong University, 710049, China, Xiapu Luo, Jun LiuMOEKLINNS Lab, Department of Computer Science and Technology, Xi'an Jiaotong University, 710049, China, Meng WangUniversity of Bristol, UK, Chunyin Nong, Qinghua ZhengMOEKLINNS Lab, Department of Computer Science and Technology, Xi'an Jiaotong University, 710049, China, Ting LiuMOEKLINNS Lab, Department of Computer Science and Technology, Xi'an Jiaotong University, 710049, China
11:40
20m
Talk
A Novel Neural Source Code Representation based on Abstract Syntax TreeArtifacts AvailableTechnical Track
Technical Track
Jian ZhangBeihang University, Xu WangBeihang University, Hongyu ZhangThe University of Newcastle, Hailong SunBeihang University, Kaixuan WangBeihang University, Xudong LiuBeihang University
Pre-print
12:00
20m
Talk
A Neural Model for Generating Natural Language Summaries of Program SubroutinesTechnical Track
Technical Track
Alexander LeClairUniversity Of Notre Dame, Siyuan JiangEastern Michigan University, Collin McMillan
12:20
10m
Talk
Discussion Period
Papers