Skip to Main content Skip to Navigation
Conference papers

Kharon dataset: Android malware under a microscope

Abstract : This study is related to the understanding of Android malware that now populate smartphone's markets. Our main objective is to help other malware researchers to better understand how malware works. Additionally, we aim at supporting the reproducibility of experiments analyzing malware samples: such a collection should improve the comparison of new detection or analysis methods. In order to achieve these goals, we describe here an Android malware collection called Kharon. This collection gives as much as possible a representation of the diversity of malware types. With such a dataset, we manually dissected each malware by reversing their code. We run them in a controlled and monitored real smartphone in order to extract their precise behavior. We also summarized their behavior using a graph representations of the information flows induced by an execution. With such a process, we obtained a precise knowledge of their malicious code and actions. As a result, researchers can figure out the engineering efforts of malware developers and understand their programming patterns. Another important result of this study is that most of malware now include triggering techniques that delay and hide their malicious activities. We also think that this collection can initiate a reference test set for future research works.
Document type :
Conference papers
Complete list of metadata

Cited literature [9 references]  Display  Hide  Download
Contributor : Jean-François Lalande Connect in order to contact the contributor
Submitted on : Friday, June 24, 2016 - 3:38:52 PM
Last modification on : Saturday, June 25, 2022 - 7:43:18 PM
Long-term archiving on: : Sunday, September 25, 2016 - 11:39:18 AM


Files produced by the author(s)


  • HAL Id : hal-01311917, version 1


Nicolas Kiss, Jean-François Lalande, Mourad Leslous, Valérie Viet Triem Tong. Kharon dataset: Android malware under a microscope. The Learning from Authoritative Security Experiment Results (LASER) workshop, May 2016, San Jose, United States. pp.1-12. ⟨hal-01311917⟩



Record views


Files downloads