Knowledge Is Power: a Knowledge Graph-Based Approach for Mobile Malware Traceability Analysis
Journal article   Peer reviewed

Yao Zhang, Guangquan Xu, Ruitao Feng, Xiaohong Li, Sen Chen, Zhenchang Xing, Yude Bai, Yongqiang Lyu, Wei Gong and Xibin Zhao
IEEE transactions on mobile computing, Vol.First online, pp.1-17
16/03/2026

Abstract

API call graph explainable analysis journal knowledge graph Mobile malware traceability
The prevalence of Android malware has brought forth the issue of traceability in malware analysis, prompting the need for exploration. Establishing connections between newly discovered malware and existing data can shed light on the traceability analysis and underlying reasons behind the malware. However, real-world analysis of malware traceability is intricate and time-consuming due to the vast volume of data, often requiring manual examination and lacking explanatory results. Hence, a comprehensive automated malware tracing framework is urgently needed to provide detailed insights into traceability identification and explanatory capabilities. This paper introduces a knowledge graph-based approach utilizing partial API call graphs with semantic and behavioral features to uncover traceability relations among malware and generate explainable results. The approach is based on a dataset comprising over 20,000 labeled malware samples from a decade, addressing complexity through prior knowledge utilization and a branch pruning method for call graphs. This reduces computational complexity and enhances precision in determining traceability relations. Rigorous evaluation and validation were conducted, assessing the system's effectiveness in tracking malware through extensive experiments and results confirmation with further analysis. The system's ability is validated by effectiveness, soundness, and practicality to demonstrate the value of approach design and its real-world applicability for security professionals.
