16 lines
1.3 KiB
XML
16 lines
1.3 KiB
XML
== Limitations <sec:rasta-limit>
|
|
|
|
Some limitations of our approach should be kept in mind.
|
|
|
|
Our application dataset is biased in favor of Androguard, because Androzoo have already used Androguard internally when collecting applications and discarded any application that cannot be processed with this tool.
|
|
|
|
Despite our best efforts, it is possible that we made mistakes when building or using the tools.
|
|
It is also possible that we wrongly classified a result as a failure.
|
|
To mitigate this possible problem we contacted the authors of the tools to confirm that we used the right parameters and chose a valid failure criterion.
|
|
Before running the final experiment, we also ran the tools on a subset of our dataset and looked manually the most common errors to ensure that they are not trivial errors that can be solved.
|
|
|
|
The timeout value, amount of memory are arbitrarily fixed.
|
|
To mitigate this issue, a small extract of our dataset has been analyzed with more memory/time and we check that they was no significant difference in the results.
|
|
|
|
Finally, the use of VirusTotal for determining if an application is a malware or not may be wrong.
|
|
To limite the impact of errors, we used a threshold of at most 5 antiviruses (resp. no more than 0) reporting an application as being a malware (resp. goodware) for taking a decision about maliciousness (resp. benignness).
|