"Mirror, Mirror on the Wall, Who is the Fairest One of All?" Machine Learning versus Model Checking: A Comparison between Two Static Techniques for Malware Family Identification

Malware targeting Android platforms is growing in number and complexity. Huge volumes of new variants emerge every month and this creates the need of being able to recognize timely the specific variants when encountered. Several approaches have been developed for malware detection. Recently the research community is developing approaches able to detect malware variants. Among all, two approaches demonstrated high performances in detecting malware and assigning the family it belongs to: one based on machine learning and one on formal methods. In this paper we compare the results achieved by two methods in terms of Precision, Recall and Accuracy. We highlight points of strength and weakness of two methods.