Title:
API CALL GRAPH EXTRACTION-BASED METHOD FOR DETECTING MALICIOUS BEHAVIOR PATTERNS IN MOBILE APPLICATION, AND RECORDING MEDIUM AND DEVICE FOR PERFORMING SAME
Document Type and Number:
WIPO Patent Application WO/2022/107963
Kind Code:
A1
Abstract:
An API call graph (ACG) extraction-based method for detecting malicious behavior patterns in a mobile application comprises the steps of: extracting an ACG, which is a call flow of APIs, from normal applications and applications conducting malicious behavior; generating a training dataset for deep learning from the extracted ACG and vectorizing the training dataset; training on the vectorized training dataset to generate a deep learning algorithm prediction model; extracting ACG features used for malicious behavior from the generated prediction model, and extracting malicious behavior patterns from the intersection between the malicious applications; and classifying applications conducting malicious behavior through similarity comparisons between the extracted malicious behavior patterns and a pattern extracted from a target application. Accordingly, the malicious behavior itself can be detected using the ACG that is the call flow of the API.
Inventors:
YI JEONG HYUN (KR)
KIM JIN SUNG (KR)
KIM JIN SUNG (KR)
Application Number:
PCT/KR2020/016913
Publication Date:
May 27, 2022
Filing Date:
November 26, 2020
Export Citation:
Assignee:
FOUNDATION SOONGSIL UNIV INDUSTRY COOPERATION (KR)
International Classes:
G06F21/56; G06N20/00
Foreign References:
| KR101969572B1 | 2019-04-16 | |||
| KR20200071822A | 2020-06-22 | |||
| KR20170081386A | 2017-07-12 |
Other References:
MUHAMMAD IKRAM; PIERRICK BEAUME; MOHAMED ALI KAAFAR: "DaDiDroid: An Obfuscation Resilient Tool for Detecting Android Malware via Weighted Directed Call Graph Modelling", ARXIV.ORG, CORNELL UNIVERSITY LIBRARY, 201 OLIN LIBRARY CORNELL UNIVERSITY ITHACA, NY 14853, 22 May 2019 (2019-05-22), 201 Olin Library Cornell University Ithaca, NY 14853 , XP081371182
OMER TRIPP ; MARCO PISTOIA ; STEPHEN J. FINK ; MANU SRIDHARAN ; OMRI WEISMAN: "TAJ", ACM SIGPLAN NOTICES, ASSOCIATION FOR COMPUTING MACHINERY, US, vol. 44, no. 6, 15 June 2009 (2009-06-15), US , pages 87 - 97, XP058083193, ISSN: 0362-1340, DOI: 10.1145/1543135.1542486
KIM, JINSUNG: "Malicious behavior pattern detection scheme for mobile application based on CNN", THESIS , 1 August 2020 (2020-08-01), Korea, pages 1 - 41, XP009536930
OMER TRIPP ; MARCO PISTOIA ; STEPHEN J. FINK ; MANU SRIDHARAN ; OMRI WEISMAN: "TAJ", ACM SIGPLAN NOTICES, ASSOCIATION FOR COMPUTING MACHINERY, US, vol. 44, no. 6, 15 June 2009 (2009-06-15), US , pages 87 - 97, XP058083193, ISSN: 0362-1340, DOI: 10.1145/1543135.1542486
KIM, JINSUNG: "Malicious behavior pattern detection scheme for mobile application based on CNN", THESIS , 1 August 2020 (2020-08-01), Korea, pages 1 - 41, XP009536930
Attorney, Agent or Firm:
YUN, Kuisang (KR)
Download PDF: