remove doplon in figure/tab/section reference
This commit is contained in:
Jean-Marie Mineau
parent
d730d1f4a7
commit
6d9096e314
GPG key ID:
B66AEEDA9B645AD2
4 changed files with 26 additions and 25 deletions
|
|
@ -218,12 +218,12 @@ A campaign of tests consists in executing the #nbtoolsvariationsrun selected too
|
|||
The constraints applied on the clusters are:
|
||||
|
||||
- No network connection is authorized in order to limit any execution of malicious software.
|
||||
- The allocated RAM for a task is \ramlimit.
|
||||
- The allocated RAM for a task is #ramlimit.
|
||||
- The allocated maximum time is 1 hour.
|
||||
- The allocated object space / stack space is 64 GB / 16 GB if the tool is a Java based program.
|
||||
|
||||
For the disk files, we use a mount point that is stored on a SSD disk, with no particular limit of size.
|
||||
Note that, because the allocation of #ramlimit could be insufficient for some tool, we evaluated the results of the tools on 20% of our dataset (described later in Section@sec:rasta-dataset) with 128 GB of RAM and #ramlimit of RAM and checked that the results were similar.
|
||||
Note that, because the allocation of #ramlimit could be insufficient for some tool, we evaluated the results of the tools on 20% of our dataset (described later in @sec:rasta-dataset) with 128 GB of RAM and #ramlimit of RAM and checked that the results were similar.
|
||||
With this confirmation, we continued our evaluations with #ramlimit of RAM only.
|
||||
|
||||
|
||||
|
|
@ -233,25 +233,25 @@ With this confirmation, we continued our evaluations with #ramlimit of RAM only.
|
|||
DATASET
|
||||
|
||||
first seen year: pas dans les BDD officielles d'Androzoo: min added dans AndroZoo et date de VT analysis
|
||||
%
|
||||
|
||||
année: 2010 et 2023
|
||||
|
||||
7% de malware
|
||||
%
|
||||
|
||||
0 detection dans VT: good
|
||||
5+ => malware
|
||||
0-5 detection: exclu
|
||||
%
|
||||
|
||||
|
||||
Les tranches de taille sont des déciles de d'androzoo (- les 1% extreme)
|
||||
pour chaque année, pour chaque tranche de taille, on selectionne randomly 500 applications (avec bonne proporotion de malware) = bucket.
|
||||
%
|
||||
|
||||
Probleme: Ce n'est pas représentatif de la population: il n'y a propablement pas 7% de malware and chaque décile d'androzoo pour chaque année
|
||||
Probleme 2: pour sampler, on utilise les deciles de taille d'apk, mais pour nos plot on utiliser les deciles de taille de dex file.
|
||||
%
|
||||
|
||||
500*10*14=70000
|
||||
%
|
||||
%
|
||||
|
||||
|
||||
*/
|
||||
|
||||
// Two datasets are used in the experiments of this section.
|
||||
|
|
@ -271,4 +271,4 @@ Applications in between are dropped.
|
|||
For computing the release date of an application, we contacted the authors of Androzoo to compute the minimum date between the submission to Androzoo and the first upload to VirusTotal.
|
||||
Such a computation is more reliable than using the DEX date that is often obfuscated when packaging the application.
|
||||
|
||||
// \todo[Transition] // plus de place :-(
|
||||
// #todo[Transition] // plus de place :-(
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue