elib
DLR-Header
DLR-Logo -> http://www.dlr.de
DLR Portal Home | Imprint | Privacy Policy | Contact | Deutsch
Fontsize: [-] Text [+]

Using Clone Detection for Finding Signatures of Malware Families: A Case Study on FinSpy

Scheidweiler, Nils and Schäfer, André and Amme, Wolfram and Heinze, Thomas (2021) Using Clone Detection for Finding Signatures of Malware Families: A Case Study on FinSpy. In: 2nd IEEE International Conference on Autonomic Computing and Self-Organizing Systems, ACSOS 2021. IEEE. SPS 2021, 27. September 2021, Virtueller Workshop. doi: 10.1109/ACSOS-C52956.2021.00063. ISBN 978-166541261-2. (In Press)

[img] PDF - Only accessible within DLR
228kB

Abstract

Code reuse is a frequent practice in malware development and finding code similar to known malware can thus be a promising strategy for malware detection. In this paper, we analyze the use of the clone detector StoneDetector for finding Android malware. To this end, signatures of known malware are generated and used to look for suspicious code fragments in Android APK packages. Feasibility of the approach is shown for a case study on samples of the FinSpy malware family.

Item URL in elib:https://elib.dlr.de/144763/
Document Type:Conference or Workshop Item (Speech)
Title:Using Clone Detection for Finding Signatures of Malware Families: A Case Study on FinSpy
Authors:
AuthorsInstitution or Email of AuthorsAuthor's ORCID iD
Scheidweiler, Nilsnils.scheidweiler (at) uni-jena.deUNSPECIFIED
Schäfer, AndréFriedrich-Schiller-Universität JenaUNSPECIFIED
Amme, Wolframwolfram.amme (at) uni-jena.deUNSPECIFIED
Heinze, Thomasthomas.heinze (at) dlr.deUNSPECIFIED
Date:2021
Journal or Publication Title:2nd IEEE International Conference on Autonomic Computing and Self-Organizing Systems, ACSOS 2021
Refereed publication:Yes
Open Access:No
Gold Open Access:No
In SCOPUS:Yes
In ISI Web of Science:No
DOI :10.1109/ACSOS-C52956.2021.00063
Publisher:IEEE
ISBN:978-166541261-2
Status:In Press
Keywords:Clone detection, Malware detection, Malware signatures, FinSpy, FinFisher
Event Title:SPS 2021
Event Location:Virtueller Workshop
Event Type:Workshop
Event Dates:27. September 2021
HGF - Research field:Aeronautics, Space and Transport
HGF - Program:Space
HGF - Program Themes:Space System Technology
DLR - Research area:Raumfahrt
DLR - Program:R SY - Space System Technology
DLR - Research theme (Project):R - Intelligent analysis and methods for safe software development
Location: Jena
Institutes and Institutions:Institute of Data Science > Secure Digital Systems
Deposited By: Heinze, Thomas
Deposited On:27 Oct 2021 15:39
Last Modified:18 Aug 2022 13:29

Repository Staff Only: item control page

Browse
Search
Help & Contact
Information
electronic library is running on EPrints 3.3.12
Website and database design: Copyright © German Aerospace Center (DLR). All rights reserved.