Return to search

Tweet analysis for Android malware detection in Google Play Store

Master of Science / Department of Computer Science / Major Professor Not Listed / There are many approaches to detect if an app is malware or benign, for example, using static or dynamic analysis. Static analysis can be used to look for APIs that are indicative of malware. Alternatively, emulating the app’s behavior using dynamic analysis can also help in detecting malware. Each type of approach has advantages and disadvantages. To complement existing approaches, in this report, I studied the use of Twitter data to identify malware. The dataset that I used consists of a large set of Android apps made available by AndroZoo. For each app, AndroZoo provides information on vt detection, which records number of anti-virus programs in VirusTotal that label the app as malware. As an additional source of information about apps, I crawled a large set of tweets and analyzed them to identify patterns of malware and benign apps in Twitter. Tweets were crawled based on keywords related to Google Play Store app links. A Google Play Store app link contains the corresponding app’s ID, which makes it easy to link tweets to apps. Certain fields of the tweets were analyzed by comparing patterns in malware versus benign apps, with the goal of identifying fields that are indicative of malware behavior. The classification label from AndroZoo was considered as ground truth.

Identiferoai:union.ndltd.org:KSU/oai:krex.k-state.edu:2097/39367
Date January 1900
CreatorsFan, Zhiang
Source SetsK-State Research Exchange
Languageen_US
Detected LanguageEnglish
TypeReport

Page generated in 0.0015 seconds