Merging Permission and API Features For Android Malware Detection
Document Type
Conference Proceeding
Publication Date
8-31-2016
School
Computing Sciences and Computer Engineering
Abstract
The prosperity of mobile devices have been rapidly and drastically reforming the use pattern and of user habits with computing devices. Android, the most popular mobile operating system, has a privilege-separated security system through a sophisticated permission control mechanism. Android Apps need to request permissions to access sensitive personal data and system resources, but empirical studies have found that various types of malicious software could obtain permissions and attack systems and applications by deceiving users and the security mechanism. In this paper, we propose a novel machine learning approach to detect malware by mining the patterns of Permissions and API Function Calls acquired and used by Android Apps. Based on static analysis of source code and resource files of Android Apps, binary and numerical features are extracted for qualitative and quantitative evaluation. Feature selection methods are applied to reduce the feature dimension and enhance the efficiency. Different machine learning methods, including Support Vector Machines, Random Forest and Neural Networks, are applied and compared in classification. The experimental results show that the proposed approach delivers accurate detection of Android malware. We deem that the proposed approach could help raise users' awareness of potential risks and mitigate malware threats for Android devices.
Publication Title
Proceedings - 2016 5th IIAI International Congress on Advanced Applied Informatics, IIAI-AAI 2016
First Page
566
Last Page
571
Recommended Citation
Qiao, M.,
Sung, A.,
Liu, Q.
(2016). Merging Permission and API Features For Android Malware Detection. Proceedings - 2016 5th IIAI International Congress on Advanced Applied Informatics, IIAI-AAI 2016, 566-571.
Available at: https://aquila.usm.edu/fac_pubs/19525
COinS