Android Malware Genome Project

Yajin Zhou      Xuxian Jiang
Department of Computer Science
North Carolina State University


(2015/12/21) Due to limited resources and the situation that students involving in this project have graduated, we decide to stop the efforts of malware dataset sharing.


The popularity and adoption of smartphones has greatly stimulated the spread of mobile malware, especially on the popular platforms such as Android. In light of their rapid growth, there is a pressing need to develop effective solutions. However, our defense capability is largely constrained by the limited understanding of these emerging mobile malware and the lack of timely access to related samples.

In this project, we focus on the Android platform and aim to systematize or characterize existing Android malware. Particularly, with more than one year effort, we have managed to collect more than 1,200 malware samples that cover the majority of existing Android malware families, ranging from their debut in August 2010 to recent ones in October 2011. In addition, we systematically characterize them from various aspects, including their installation methods, activation mechanisms as well as the nature of carried malicious payloads. The characterization and a subsequent evolution-based study of representative families reveal that they are evolving rapidly to circumvent the detection from existing mobile anti-virus software. Based on the evaluation with four representative mobile security software, our experiments in November, 2011 show that the best case detects 79.6% of them while the worst case detects only 20.2% in our dataset. These results clearly call for the need to better develop next-generation anti-mobile-malware solutions.

We will present a paper that describes this project at IEEE Symposium on Security & Privacy, 2012.


Dissecting Android Malware: Characterization and Evolution
Yajin Zhou, Xuxian Jiang
Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland 2012)
San Francisco, CA, May 2012

Dataset Release

To mitigate malware threats on mobile platforms (e.g., Android) and engage the research community to better our understanding and defense, we are happy to release our dataset to the community. Please visit the download page for detailed instructions.


This work was supported in part by the US National Science Foundation (NSF) under Grants 0855297, 0855036, 0910767, and 0952640. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.

We also thank the following vendors for their hardware donations.