Ching-Hao Mao
Researcher at Institute for Information Industry
Publications - 65
Citations - 1147
Ching-Hao Mao is an academic researcher from Institute for Information Industry. The author has contributed to research in topics: Malware & Intrusion detection system. The author has an h-index of 13 and has co-authored 65 publications receiving 1038 citations. Previous affiliations of Ching-Hao Mao include Chinese Culture University & National Taiwan University of Science and Technology.
Papers
Proceedings Article
DroidMat: Android Malware Detection through Manifest and API Calls Tracing
TL;DR: A static feature-based mechanism that provides a static analyst paradigm for detecting Android malware; the results show that the recall rate of the approach is better than that of a well-known tool, Androguard, published at Black Hat 2011, which focuses on Android malware analysis.
Proceedings Article
Android Malware Detection via a Latent Network Behavior Analysis
TL;DR: This study proposes an automatic Android malware detection mechanism based on the results from a sandbox, which successfully identifies malicious Android apps with close to 100% accuracy, precision and recall rate.
Proceedings Article
Semi-supervised co-training and active learning based approach for multi-view intrusion detection
TL;DR: This paper proposes a co-training method framework for intrusion detection, which is a semi-supervised learning method and can not only utilize unlabeled data, but can also combine multi-view data.
Proceedings Article
Fast-flux service network detection based on spatial snapshot mechanism for delay-free detection
TL;DR: This study proposes a delay-free detection system, the Spatial Snapshot Fast-flux Detection system (SSFD), capable of capturing the geographical pattern of hosts as well as mapping IP addresses in a DNS response into a geographic coordinate system, revealing FFSNs at the moment.
Patent
Method and system for detecting malicious application
TL;DR: In this article, a malicious application detection method is presented, which includes extracting a plurality of static features from a manifest file and de-compiled code, respectively obtained from training malicious applications and training benign applications (APK files).