SEMANTIC MODELLING OF ANDROID MALWARE FOR EFFECTIVE MALWARE COMPREHENSION, DETECTION AND CLASSIFICATION Constructed DSA of attacks DSA & OBA depicts the essential invocation of APIs in a malicious behavior Android Malware - 30.6% of apps are potential harmful apps - Including privacy leakage, privilege escalation, and ransomware. Motivation - Semantic modeling, identify malware essences - Combined detection, scalability & precision - Attack identification, understand attacks For known Android malware - Learn DSA & OBA - Extract feature for training For Android Apps to test - Extract feature and do classification - Generate DFA to do family classification - Identify OBA to determine attacks INTRODUCTION CONSTRUCTION OF DSA EVALUATION SYSTEM OVERVIEW Guozhu Meng, Yinxing Xue and Yang Liu. School of Computer Science and Engineering, NTU