Abstract
With the widespread use of the Android operating system, the number of applications for the Android platform keeps growing, and identifying malware effectively is critical to the security of phones. This paper proposes an Android malware detection method that combines sensitive permissions with API features. The method extracts permission features and API features by decompiling the APK file, then uses mutual information to select the sensitive permissions and APIs that form the feature set. On this basis, an ensemble learning model built from a decision tree classifier and a KNN classifier is used to detect unknown APKs quickly and accurately. The experimental results show that the detection accuracy of the proposed method is higher than that obtained with the permission set or the API set alone, and that the accuracy can reach up to 95.5%.
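The mutual-information selection step described in the abstract, as an added example that is not code from the paper: each permission or API is treated as a binary feature, scored against the malware/benign label, and the top k are kept as the feature vector for a classifier. The sample apps, the function names and the choice of k are constructed for illustration; the paper's actual feature set and classifier settings are not shown on this page.

```python
import math
from collections import Counter

def mutual_information(present, labels):
    """I(X;Y) in bits between a binary feature X and the class label Y."""
    n = len(labels)
    joint = Counter(zip(present, labels))
    px, py = Counter(present), Counter(labels)
    mi = 0.0
    for (x, y), count in joint.items():
        pxy = count / n
        mi += pxy * math.log2(pxy / ((px[x] / n) * (py[y] / n)))
    return mi

def select_features(samples, k):
    """Score every permission/API seen in the samples and keep the k highest."""
    labels = [label for _, label in samples]
    vocab = sorted({f for feats, _ in samples for f in feats})
    scored = [(mutual_information([f in feats for feats, _ in samples], labels), f)
              for f in vocab]
    scored.sort(key=lambda item: (-item[0], item[1]))  # ties broken by name
    return scored[:k]

def to_vector(feats, selected):
    """Binary vector over the selected features, ready for a classifier."""
    return [1 if name in feats else 0 for name in selected]

# Real Android permission and API names; the apps themselves are constructed.
NET = "android.permission.INTERNET"
SMS = "android.permission.SEND_SMS"
CONTACTS = "android.permission.READ_CONTACTS"
SEND = "android.telephony.SmsManager.sendTextMessage"
DEVID = "android.telephony.TelephonyManager.getDeviceId"

# Constructed sample: (extracted features, label) with 1 = malware, 0 = benign.
SAMPLES = [
    ({NET, SMS, SEND, DEVID, CONTACTS}, 1),
    ({NET, SMS, SEND, DEVID}, 1),
    ({NET, SMS, SEND, CONTACTS}, 1),
    ({NET, SMS, DEVID}, 1),
    ({NET, CONTACTS, DEVID}, 0),
    ({NET, CONTACTS}, 0),
    ({NET}, 0),
    ({NET}, 0),
]

if __name__ == "__main__":
    for score, name in select_features(SAMPLES, 3):
        print(f"{score:.4f}  {name}")
```

A permission requested by every app, such as INTERNET in this sample, scores zero and is dropped even though all the malware samples request it.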
Our work is supported by NSFC: The United Foundation of General Technology and Fundamental Research (No. U1536122), the General Project of Tianjin Municipal Science and Technology Commission under Grant (No. 15JCYBJC15600), and the Major Project of Tianjin Municipal Science and Technology Commission under Grant (No. 15ZXDSGX00030).
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Zhao, C., Wang, C., Zheng, W. (2019). Android Malware Detection Based on Sensitive Permissions and APIs. In: Li, J., Liu, Z., Peng, H. (eds) Security and Privacy in New Computing Environments. SPNCE 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 284. Springer, Cham. https://doi.org/10.1007/978-3-030-21373-2_10
DOI: https://doi.org/10.1007/978-3-030-21373-2_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21372-5
Online ISBN: 978-3-030-21373-2
eBook Packages: Computer Science, Computer Science (R0)