VizMal: A Visualization Tool for Analyzing the Behavior of Android Malware

Alessandro Bacci, Fabio Martinelli, Eric Medvet, Francesco Mercaldo

Abstract

Malware signature extraction is currently a manual and a time-consuming process. As a matter of fact, security analysts have to manually inspect samples under analysis in order to find the malicious behavior. From research side, current literature is lacking of methods focused on the malicious behavior localization: designed approaches basically mark an entire application as malware or non-malware (i.e., take a binary decision) without knowledge about the malicious behavior localization inside the analysed sample. In this paper, with the twofold aim of assisting the malware analyst in the inspection process and of pushing the research community in malicious behavior localization, we propose VizMal, a tool for visualizing the dynamic trace of an Android application which highlights the portions of the application which look potentially malicious. VizMal performs a detailed analysis of the application activities showing for each second of the execution whether the behavior exhibited is legitimate or malicious. The analyst may hence visualize at a glance when at to which degree an application execution looks malicious.

Download


Paper Citation


in Harvard Style

Bacci A., Martinelli F., Medvet E. and Mercaldo F. (2018). VizMal: A Visualization Tool for Analyzing the Behavior of Android Malware.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-282-0, pages 517-525. DOI: 10.5220/0006665005170525


in Bibtex Style

@conference{forse18,
author={Alessandro Bacci and Fabio Martinelli and Eric Medvet and Francesco Mercaldo},
title={VizMal: A Visualization Tool for Analyzing the Behavior of Android Malware},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,},
year={2018},
pages={517-525},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006665005170525},
isbn={978-989-758-282-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,
TI - VizMal: A Visualization Tool for Analyzing the Behavior of Android Malware
SN - 978-989-758-282-0
AU - Bacci A.
AU - Martinelli F.
AU - Medvet E.
AU - Mercaldo F.
PY - 2018
SP - 517
EP - 525
DO - 10.5220/0006665005170525