Android Malware Clustering through Malicious Payload Mining

Clustering has been well studied for desktop malware analysis as an effective triage method. Conventional similarity-based clustering techniques, however, cannot be immediately applied to Android malware analysis due to the excessive use of third-party libraries in Android application development and the widespread use of repackaging in malware development. We design and implement an Android malware clustering system through iterative mining of malicious payload and checking whether malware samples share the same version of malicious payload. Our system utilizes a hierarchical clustering technique and an efficient bit-vector format to represent Android apps. Experimental results demonstrate that our clustering approach achieves precision of 0.90 and recall of 0.75 for Android Genome malware dataset, and average precision of 0.98 and recall of 0.96 with respect to manually verified ground-truth.Comment: Proceedings of the 20th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2017

Stroke 1: definition, burden, risk factors and diagnosis

The field of stroke has benefitted from many advances in recent decades, in particular, improved imaging techniques. This, coupled with better knowledge of brain function among professionals and greater awareness of stroke signs and symptoms among the general public, leads to the earlier identification, diagnosis, and treatment – which are key as stroke is a medical emergency. However, more needs to be done to reduce the personal and societal burden of stroke. This article – the first of a five-part series on stroke – discusses definitions, epidemiology, risk factors and diagnosis to help nurses gain an in-depth understanding of this complex condition