Software and Data

Quick links to:
HMM-based Anomaly Detection

n-gram and FSA Anomaly Detection

Call Trace Dataset

Traffic Causality Dataset


    DIALDroid Database.

    If you are interested in getting a copy of the database, please fill out this REQUEST FORM.

    Schemas and queries are available HERE

    Owner: Amiangshu Bosu

    Paper to cite:

    Amiangshu Bosu, Fang Liu, Danfeng Yao, and Gang Wang.
    Collusive Data Leak and More: Large-scale Threat Analysis of Inter-app Communications.
    In Proceedings of ACM Symposium on Information, Computer & Communication Security (ASIACCS). Apr. 2017.

  1. DIALDroid-IC3 for Android ICC Resolution.

    Available HERE

    Owner: Amiangshu Bosu

    Paper to cite: Same as above (ASIACCS '17)

  2. DIALDroid-Bench for Android Malware Collusion Benchmark.

    Available HERE

    Owner: Amiangshu Bosu

    Paper to cite: Same as above (ASIACCS '17)


  3. Android Repackaged Malware Detection Tools.

    Available HERE

    Owner: Ke Tian

    Paper to cite:
    Ke Tian, Danfeng Yao, Barbara Ryder, and Gang Tan. Analysis of Code Heterogeneity for High-Precision Classification of Repackaged Malware. In Proceedings of Mobile Security Technologies (MoST), in conjunction with the IEEE Symposium on Security and Privacy. San Jose, CA. May 2016.


  4. Context-sensitive STILO (CS-STILO) for Program Anomaly Detection

    Available HERE

    Owner: Kui Xu and Ke Tian

    Paper to cite:
    Kui Xu, Ke Tian, Danfeng Yao, and Barbara Ryder. A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection with Context Sensitivity. In Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Toulouse, France. Jun., 2016.


  5. Call Tracing and Call Traces.

    Available HERE

    Owner: Ke Tian and Long Cheng

    Papers to cite:
    Kui Xu, Ke Tian, Danfeng Yao, and Barbara Ryder. A Sharper Sense of Self: Probabilistic Reasoning of Program Behaviors for Anomaly Detection with Context Sensitivity. In Proceedings of the 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). Toulouse, France. Jun., 2016.

    Kui Xu, Danfeng Yao, Barbara Ryder, and Ke Tian. Probabilistic Program Modeling for High-Precision Anomaly Classification. In Proceedings of the 2015 IEEE Computer Security Foundations Symposium (CSF). Verona, Italy. Jul. 2015.


  6. Labs for n-gram and FSA-based program anomaly detection.

    Available HERE

    Owner: Xiaokui Shu

    Paper to cite:
    Program Anomaly Detection: Methodology and Practices. Xiaokui Shu and Danfeng Yao. In ACM CCS Tutorials. Vienna, Austria. Oct. 2016.


  7. Traffic causality dataset: HTTP requests and user events.

    Data used in our network causality work (below). Please contact us if you would like to access the dataset.

    Owner: Hao Zhang

    Papers to cite:
    Hao Zhang, Danfeng Yao, Naren Ramakrishnan, and Zhibin Zhang. Causality Reasoning about Network Events for Detecting Stealthy Malware Activities. Computers & Security (C&S). 58: 180-198. Elsevier. 2016.

    Hao Zhang, Danfeng Yao and Naren Ramakrishnan. Detection of Stealthy Malware Activities with Traffic Causality and Scalable Triggering Relation Discovery. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS). Kyoto, Japan. Jun. 2014.