Research Article
KTSDroid: A Framework for Android Malware Categorization Using the Kernel Task Structure
Table 10
Final feature set used by KTSDroid.
| Rep | Feature name | Depth |
| M_F1 | task -> mm -> mmap -> vm_file -> f_inode -> i_generation | 6 | M_F2 | task -> mm -> mmap_legacy_base | 3 | M_F3 | task -> mm -> end_data | 4 | M_F4 | task -> mm -> mmap_base | 3 | M_F10 | task -> mm -> mmap -> vm_file -> f_inode -> i_ino | 6 | M_F11 | task -> mm -> shared_vm | 3 | M_F12 | task -> mm -> total_vm | 3 | M_F14 | task -> mm -> exec_vm | 3 | M_F20 | task -> mm -> mm_count -> counter | 4 | P_F1 | task -> real_cred -> session_keyring -> last_used_at | 4 | P_F3 | task -> real_cred -> session_keyring -> serial | 4 | S_F1 | task -> sas_ss_sp | 2 | S_F2 | task -> signal -> ioac -> rchar | 4 | S_F3 | task -> signal -> ioac -> wchar | 4 |
|
|