Abstract
This paper proposes a two-stage Android malware detection and classification mechanism based on a machine learning algorithm. We use static analysis to extract the software's package features, permission features, component features and triggering mechanism. We then use dynamic analysis tools to obtain the dynamic behavior characteristics of the software, and format the static and dynamic features. Finally, we use the machine learning algorithm to process the feature vectors in two stages, which yields the malicious classification of the software. The experimental results show that, on the data set used in this paper, the proposed method based on the combination of dynamic and static malicious code detection is more accurate than the common detection engine, and its ability to classify malicious families is much stronger.
Acknowledgments
This work is supported by the National Natural Science Foundation of China (General Program) under Grant No. 61572253 and the Aeronautical Science Foundation of China under Grant No. 2016ZC52030.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Yang, F., Zhuang, Y., Wang, J. (2017). Android Malware Detection Using Hybrid Analysis and Machine Learning Technique. In: Sun, X., Chao, HC., You, X., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2017. Lecture Notes in Computer Science, vol 10603. Springer, Cham. https://doi.org/10.1007/978-3-319-68542-7_48
DOI: https://doi.org/10.1007/978-3-319-68542-7_48
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-68541-0
Online ISBN: 978-3-319-68542-7
eBook Packages: Computer Science (R0)