Research Article
Behavior Intention Derivation of Android Malware Using Ontology Inference
Table 5
The inference results of Zitmo.
| | Behavior relationship | Final goal representation |
| | hasCompoundwith(monitor, intercept) | (Broadcast, is_monitored, Yes),
(Broadcast, is_intercepted, Yes) | | hasCompoundwith(monitor, access) | (SmsMessage, position, inMemory) | | hasCompoundwith(access, encrypt) | (SmsMessage, is_plain, No) | | hasCombinationwith(connect, encrypt) | No | | hasCompoundwith(encrypt, transmit) | (URL, is_used, Yes) | | hasCompoundwith(connect, transmit) | (SmsMessage, position, remoteServer) |
|
|
