Android Malware Detection Using Hybrid Analysis and Machine Learning Technique

  • Conference paper
Cloud Computing and Security (ICCCS 2017)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 10603)

Abstract

This paper proposes a two-stage Android malware detection and classification mechanism based on a machine learning algorithm. We use static analysis to extract the software's package features, permission features, component features and triggering mechanism. We then use dynamic analysis tools to obtain the dynamic behavior characteristics of the software, and format the static and dynamic features. Finally, we process the feature vectors with the machine learning algorithm in two stages to obtain the malicious classification of the software. The experimental results show that, on the data set used in this paper, the proposed method, which combines dynamic and static malicious code detection, is more accurate than the common detection engine, and its ability to classify malicious families is much stronger.

Acknowledgments

This work is supported by the National Natural Science Foundation of China (General Program) under Grant No. 61572253 and the Aeronautical Science Foundation of China under Grant No. 2016ZC52030.

Author information

Corresponding author

Correspondence to Yi Zhuang.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Yang, F., Zhuang, Y., Wang, J. (2017). Android Malware Detection Using Hybrid Analysis and Machine Learning Technique. In: Sun, X., Chao, HC., You, X., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2017. Lecture Notes in Computer Science, vol 10603. Springer, Cham. https://doi.org/10.1007/978-3-319-68542-7_48

  • DOI: https://doi.org/10.1007/978-3-319-68542-7_48

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-68541-0

  • Online ISBN: 978-3-319-68542-7

  • eBook Packages: Computer Science, Computer Science (R0)
