Our Goal is to discover, understand, characterize and detect Android malware
The Kharon project studies Android malware using Information Flow monitoring techniques. This project is funded by CominLabs a "Laboratoire d'Excellence" supported by the French government.
This website contains all the technical results obtained during the project and the source code that supports these results. More precisely, you will find:
- a short presentation of behavioral signatures of malware computed in this project
- the Kharon16 malware dataset : a collection of totally reversed malware presented at (LASER) workshop co-located with the 37th IEEE Symposium on Security and Privacy (SP)
- the GroddDroid tool, presented at MALCON 2015 (best paper award): it is a framework for automatically stimulating and triggering malware.
NEWS
- April 2017: Malware have (again !) a new visualization interface, thanks to the work of Korlan and Anthony. You can replay them, e.g. SimpleLocker!
- May 2016: Malware have a new visualization interface !
- December 2016: We will do a tutorial about malware at CISSI 2016
- July 2016: We will do a tutorial about malware at summer school Cyber in Bretagne
- April 2016: We will present a poster about « Using Implicit Calls to Improve Malware Dynamic Execution » at the 37th IEEE Symposium on Security and Privacy
- April 2016: Our article presenting the Kharon16 malware dataset is accepted at the Learning from Authoritative Security Experiment Results workshop co-located with the 37th IEEE Symposium on Security and Privacy (S&P)
- January 2016: We will be present at the 8h International Forum of CyberSecurity FIC_2016
- September 2015: We will present our gorilla GroddDroid at MALCON 2015.