About CHABADA
How do we know a program does what it claims to do? After clustering Android apps by their description topics, we identify outliers in each cluster with respect to their API usage. A "weather" app that sends messages thus becomes an anomaly; likewise, a "messaging" app would typically not be expected to access the current location. Applied on a set of 22,500+ Android applications, our CHABADA prototype identified several anomalies; additionally, it flagged 56% of novel malware as such, without requiring any known malware patterns.
Videos
- Watch the video of the CHABADA work presented at Microsoft Research.
- CHABADA on ARD! Watch the video here (in german)
- CHABADA on SR! Watch the video here (in german)
Slides
- "Mining Apps for Anomalies" keynote by Prof. Andreas Zeller at Software Mining Workshop (ASE 2016).
Downloads
- Download the preprint of the CHABADA paper here. The final revised version of the paper will appear at the International Conference of Software Engineering (ICSE) 2014.
- Download the whole dataset of the CHABADA experiments here.
@inproceedings{GorlaetAl:CHABADA:ICSE:2014,
author = {Alessandra Gorla and Ilaria Tavecchia and Florian Gross and Andreas Zeller},
title = {Checking App Behavior Against App Descriptions},
booktitle = {ICSE'14: Proceedings of the 36th International Conference on Software Engineering},
location = {Hyderabad (India), 31 May - 7 June},
year = {2014},
}
author = {Alessandra Gorla and Ilaria Tavecchia and Florian Gross and Andreas Zeller},
title = {Checking App Behavior Against App Descriptions},
booktitle = {ICSE'14: Proceedings of the 36th International Conference on Software Engineering},
location = {Hyderabad (India), 31 May - 7 June},
year = {2014},
}