KSII Transactions on Internet and Information Systems
Monthly Online Journal (eISSN: 1976-7277)

Automatic Generation of MAEC and STIX Standards for Android Malware Threat Intelligence

Vol. 14, No. 8, August 31, 2020
DOI: 10.3837/tiis.2020.08.015

Abstract

Due to the increasing amount of malicious software (also known as malware), various organizations are studying methods for sharing threat information. A malware description in the Malware Attribute Enumeration and Characterization (MAEC) format is created by analysts, converted to Structured Threat Information Expression (STIX), and distributed using the Trusted Automated eXchange of Indicator Information (TAXII) protocol. Currently, when sharing malware analysis results, analysts have to enter them into MAEC manually, and not many analysis results are shared publicly. In this paper, we propose an automated MAEC conversion technique for sharing analysis results of malicious Android applications. After studying various static and dynamic analysis techniques for Android applications, we developed a conversion tool by analyzing the MAEC standard and separating the parts that can be converted automatically from the parts that analysts can enter manually. Using MAEC-to-STIX conversion, we also found that the MAEC file can be converted into STIX. Although other research has been conducted on automatic MAEC conversion techniques, it was limited to Windows and Linux only. In further verification of the conversion rate, we confirmed that, using our proposed technique, analysts could improve the efficiency of analysis and establish a faster sharing system to cope with various Android malware.


Cite this article

[IEEE Style]
J. Park, L. N. Vu, G. Bencivengo and S. Jung, "Automatic Generation of MAEC and STIX Standards for Android Malware Threat Intelligence," KSII Transactions on Internet and Information Systems, vol. 14, no. 8, pp. 3420-3436, 2020. DOI: 10.3837/tiis.2020.08.015.

[ACM Style]
Jungsoo Park, Long Nguyen Vu, George Bencivengo, and Souhwan Jung. 2020. Automatic Generation of MAEC and STIX Standards for Android Malware Threat Intelligence. KSII Transactions on Internet and Information Systems, 14, 8, (2020), 3420-3436. DOI: 10.3837/tiis.2020.08.015.