Security and Communication Networks

Research Article

Combat Mobile Evasive Malware via Skip-Gram-Based Malware Detection

Table 7

Robustness of our model against evasion methods; this table shows malware families, their evasion capabilities, and their sample counts in test set. Final column shows our model detection performance of corresponding malware family.


	Evasion methods					Results
Family name	Renaming	String encryption	Dynamic loading	Native payload	Antidynamic analysis	Total count	Accuracy (%)

Airpush	✓					2353	95
Andup	✓	✓				14	92
BankBot	✓	✓	✓		✓	195	99
Bankun					✓	21	90
Boqx				✓		65	75
Boxer	✓	✓				14	100
Cova	✓					6	100
Dowgin	✓	✓	✓		✓	1015	91
DroidKungFu	✓	✓		✓		164	98
FakeAngry	✓	✓				3	66
FakeDoc	✓					7	100
FakeInst	✓	✓				651	100
FakePlayer	✓					7	85
FakeUpdates	✓	✓				2	0
Finspy	✓				✓	3	100
Fobus		✓	✓		✓	2	100
Fusob	✓	✓	✓			383	100
GingerMaster	✓	✓				39	97
GoPro	✓	✓			✓	11	63
Gumen				✓	✓	44	88
Koler	✓				✓	21	100
Ksapp					✓	11	90
Kuguo	✓					360	98
Kyview	✓	✓				53	86
Leech	✓	✓	✓		✓	39	100
Lotoor	✓			✓		95	96
Minimob	✓					61	88
Mseg	✓					71	53
Mtk	✓	✓	✓			21	100
Obad	✓	✓			✓	3	100
Opfake		✓				3	66
Ogel	✓			✓		2	100
Roop	✓					155	99
RuMMS	✓	✓	✓			121	100
SlemBunk		✓	✓	✓		52	100
Simplelocker	✓					48	100
SmsKey	✓					50	98
Stealer	✓					8	100
Svpeng					✓	4	75
Tesbo	✓	✓				2	100
Triada	✓	✓	✓		✓	63	95
UpdtKiller	✓			✓		8	100
Utchi	✓					4	100
Viking Horde				✓		3	33
Winge	✓					6	16
Youmi	✓					390	97
Zitmo	✓					8	87
Ztorg	✓	✓	✓			6	100
Total count	6462	2856	1796	433	1432	6667	—
Accuracy (%)	95	96	94	93	92	—	95 (total)