• Corpus ID: 4605457

Examining Features for Android Malware Detection

  title={Examining Features for Android Malware Detection},
  author={Matthew Leeds and Miclain Keffeler and Travis Atkison},
With the constantly increasing use of mobile devices, the need for effective malware detection algorithms is constantly growing. The research presented in this paper expands upon previous work that applied machine learning techniques to the area of Android malware detection by examining Java API call data as a method for malware detection. In addition to examining a new feature, a significant amount of work has been done in understanding how the model works and various ways of improving its… 

Figures and Tables from this paper

Android Malware Detection and Crypto-Mining Recognition Methodology with Machine Learning

A combination of functional and statistical features is proposed to be applied for data classification in order to provide a high-performance malware recognition process to provide an innovative Machine Learning-based solution for Android malware detection.


In this study 10 malware were used to analyze the use of volatility and APK tools to have an impact on using the results of analysis and also based on malicious activity from the API.



A Comparison of Features for Android Malware Detection

This research examines two types of features of Android applications, permission requests and system calls, as a way to detect malware, and is able to differentiate between benign and malicious apps by applying a machine learning algorithm.

A Machine Learning Approach to Android Malware Detection

  • Justin SahsL. Khan
  • Computer Science
    2012 European Intelligence and Security Informatics Conference
  • 2012
A machine learning-based system for the detection of malware on Android devices that extracts a number of features and trains a One-Class Support Vector Machine in an offline (off-device) manner, in order to leverage the higher computing power of a server or cluster of servers.

Detecting Malware for Android Platform: An SVM-Based Approach

A malware detection scheme for Android platform using an SVM-based approach, which integrates both risky permission combinations and vulnerable API calls and use them as features in the SVM algorithm is studied.

Classification of Android Malware Applications using Feature Selection and Classification Algorithms

This paper proposes an approach for Android malware classification based on features selection and classification algorithms, which uses the permissions used in the Android app as features, to differentiate between the malware apps and goodware apps.

Android Malware Detection Based on System Calls

The technique performs automatic classification based on tracking system calls while applications are executed in a sandbox environment and shows that even simplistic feature choices are highly effective, suggesting that more heavyweight approaches should be thoroughly (re)evaluated.

Permission-Based Android Malware Detection

The proposed framework intends to develop a machine learning-based malware detection system on Android to detect malware applications and to enhance security and privacy of smartphone users.

Intelligent Approach for Android Malware Detection

A self-adaptive neuro-fuzzy inference system to classify the Android apps into malware and goodware based on system permissions is introduced and it is concluded that the proposed classifier can be effective in Android protection.

DroidMat: Android Malware Detection through Manifest and API Calls Tracing

A static feature-based mechanism to provide a static analyst paradigm for detecting the Android malware and shows that the recall rate of the approach is better than one of well-known tool, Androguard, published in Black hat 2011, which focuses on Android malware analysis.

A Probabilistic Discriminative Model for Android Malware Detection with Decompiled Source Code

This paper proposes a probabilistic discriminative model based on regularized logistic regression that substantially outperforms the state-of-the-art methods for Android malware detection with application permissions and achieves the best detection results by combining both decompiled source code and application permissions.

DroidScribe: Classifying Android Malware Based on Runtime Behavior

A novel classification method is introduced that fuses Support Vector Machines with Conformal Prediction to generate high-accuracy prediction sets where the information is insufficient to pinpoint a single family of Android malware samples.