
Advanced Android Malware Detection Utilizing API Calls and Permissions

  • Conference paper
IT Convergence and Security

Abstract

The Android operating system is a major presence in the proliferation of smartphones and IoT applications. Android apps can exploit security loopholes through which developers may access user-critical data on the host device. A previously published Android malware-detection model analyzed 109,000 APKs, achieving better results than peer models in accuracy, precision, recall, and F-Score metrics. In this paper, the model is expanded through the addition of API-call analysis, along with APK permissions. This expansion enabled more powerful detection and improved accuracy. Moreover, in an analysis of 158,000 APKs, the more recent model with newer settings achieved much better results than prior work on the same set of performance metrics. These results are an encouraging indication that further expansion of dynamic APK analysis will permit early detection of malware installation, allowing vulnerable Android systems to preempt damage from the malware application vector.

Author information

Corresponding author

Correspondence to Md Naseef-Ur-Rahman Chowdhury.

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Chowdhury, M.NUR., Alahy, Q.E., Soliman, H. (2021). Advanced Android Malware Detection Utilizing API Calls and Permissions. In: Kim, H., Kim, K.J. (eds) IT Convergence and Security. Lecture Notes in Electrical Engineering, vol 782. Springer, Singapore. https://doi.org/10.1007/978-981-16-4118-3_12

  • DOI: https://doi.org/10.1007/978-981-16-4118-3_12

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-4117-6

  • Online ISBN: 978-981-16-4118-3

  • eBook Packages: Computer Science (R0)
