Abstract
The Android operating system is a major presence in the proliferation of smartphones and IoT applications. Android apps can utilize security loopholes wherein developers may access user-critical data on the host device. A previously published Android malware-detection model analyzed 109,000 APKs, achieving better results than other peer models in accuracy, precision, recall, and F-Score metrics. In this paper, the model is expanded through the addition of API-call analysis, along with APK permissions. This expansion enabled more powerful and improved detection accuracy. Moreover, in an analysis of 158,000 APKs, the more recent model with newer settings achieved much better results than prior work on the same set of performance metrics. These results are an encouraging indication that further expansion of dynamic APK analysis will permit early detection of malware installation, allowing vulnerable Android systems to preempt damage from the malware application vector.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Liu J, Yu J (2011) Research on development of android applications. In: 2011 4th international conference on intelligent networks and intelligent systems. Kunming, pp 69–72 https://doi.org/10.1109/ICINIS.2011.40
Oulehla M (2015) Investigation into google play security mechanisms via experimental botnet. In: 2015 IEEE international symposium on signal processing and information technology (ISSPIT). Abu Dhabi, pp 591–596. https://doi.org/10.1109/ISSPIT.2015.7394406
Wang W, Godfrey MW (2013) Detecting API usage obstacles: a study of iOS and Android developer questions. In: 2013 10th working conference on mining software repositories (MSR). San Francisco, CA, pp 61–64. https://doi.org/10.1109/MSR.2013.6624006
Huang N, Xu M, Zheng N, Qiao T, Choo KR (2019) Deep android malware classification with API-based feature graph. In 2019 18th IEEE international conference on trust, security and privacy in computing and communications/13th IEEE international conference on big data science and engineering (TrustCom/BigDataSE). Rotorua, New Zealand, pp 296–303 https://doi.org/10.1109/TrustCom/BigDataSE.2019.00047
Jung J, et al (2018) Android malware detection based on useful API calls and machine learning. In: 2018 IEEE first international conference on artificial intelligence and knowledge engineering (AIKE). Laguna Hills, CA, pp 175–178. https://doi.org/10.1109/AIKE.2018.00041
Sahoo AK, Sahoo KS, Tiwary M (2014) Signature based malware detection for unstructured data in Hadoop In 2014 international conference on advances in electronics computers and communications. Bangalore, pp 1–6. https://doi.org/10.1109/ICAECC.2014.7002394
Sathyanarayan VS, Kohli P, Bruhadeshwar B (2008) Signature generation and detection of malware families. In: Mu Y, Susilo W, Seberry J (eds) Information security and privacy. ACISP 2008. Lecture notes in computer science, vol 5107. Springer, Berlin, Heidelberg, https://doi.org/10.1007/978-3-540-70500-0_25
Shijo PV, Salim A (2015) Integrated static and dynamic analysis for malware detection. Procedia Comp Sci 46:804–811. ISSN 1877–0509 https://doi.org/10.1016/j.procs.2015.02.149
Utku A, DoGru IA, AkcayolMAPermission based android malware detection with multilayer perceptron. In: 2018 26th signal processing and communications applications conference (SIU). Izmir, pp 1–4. https://doi.org/10.1109/SIU.2018.8404302
Yerima S, Alzaylaee M, Sezer S (2019) Machine learning-based dynamic analysis of Android apps with improved code coverage. EURASIP J Info Sec 2019:4. https://doi.org/10.1186/s13635-019-0087-1
Ahmad M, Costamagna V, Crispo B, Bergadano F F, Zhauniarovich Y (2020) StaDART: addressing the problem of dynamic code updates in the security analysis of android applications. J Syste Softw 159: 110386. ISSN 0164–1212 https://doi.org/10.1016/j.jss.2019.07.088
Daniel A, Michael S, Malte H, Hugo G, Konrad R (2014) Drebin: efficient and explainable detection of android malware in your pocket. In: 21th annual network and distributed system security symposium (NDSS)
Zhou Y, Wang Z, Zhou W, Jiang X (2012) Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Proceedings of the 19th annual network & distributed system security symposium
Zhou Y, Jiang X (2012) Dissecting android malware: characterization and evolution security and privacy (SP). In: IEEE symposium on security and privacy
MARVIN Efficient and comprehensive mobile app classification through static and dynamic analysis
Virus Total https://www.virustotal.com/gui/graph-overview
Peiravian N, Zhu X (2013) Machine learning for android malware detection using permission and API calls. In: 2013 IEEE 25th international conference on tools with artificial intelligence. Herndon, VA, pp 300–305. https://doi.org/10.1109/ICTAI.2013.53
Venugopal D, Hu G (2008) Efficient signature based malware detection on mobile devices. Mob Inf Syst 4(1):33–49. https://doi.org/10.1155/2008/712353
Zhang H, Luo S, Zhang Y, Pan L (2019) An efficient android malware detection system based on method-level behavioral semantic analysis. IEEE Access 7:69246–69256. https://doi.org/10.1109/ACCESS.2019.2919796
Talha KA, Alper DI, Aydin C (2015) APK auditor: permission-based Android malware detection system. Digit Investig 13:1–14
Li X, Liu J, Huo Y, Zhang R, Yao Y (2016) An Android malware detection method based on Android Manifest file. In: International conference on cloud computing and intelligence systems (CCIS). pp 239–243
Somarriba O, Zurutuza U, Uribe Etxebarria R, Delosières L, Nadjm-Tehrani S (2016) Detection and visualization of android malware behavior. J Electr Comp Eng 2016:8034967. https://doi.org/10.1155/2016/8034967
O'Kane P, Sezer S, McLaughlin K (2014) N-gram density based malware detection. In: 2014 world symposium on computer applications & research (WSCAR). Sousse, pp 1–6. https://doi.org/10.1109/WSCAR.2014.6916806
Ding Y, Zhang X, Hu J et al (2020) Android malware detection method based on bytecode image. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-020-02196-4
van der Veen V (2013) Dynamic analysis of android malware. https://doi.org/10.13140/2.1.2373.4080
Android-Apktool A tool for reverse engineering Android apk files. https://code.google.com/p/android-apktool/
Harris D, Harris S (2012) Digital design and computer architecture, 2nd edn. Morgan Kaufmann, San Francisco, CA, p 129. ISBN 978–0–12–394424–5
Gharib M, Bondavalli A (2019) On the evaluation measures for machine learning algorithms for safety-critical systems. In: 2019 15th european dependable computing conference (EDCC). Naples, Italy, 141–144 https://doi.org/10.1109/EDCC.2019.00035
Alahy QE, Chowdhury MNUR, Soliman H, Chaity MS, Haque A (2020) Android malware detection in large dataset: smart approach. In: Arai K, Kapoor S, Bhatia R (eds) Advances in information and communication. FICC 2020. Advances in intelligent systems and computing, vol 1129. Springer, Cham. https://doi.org/10.1007/978-3-030-39445-5_58
Hearst MA, Dumais ST, Osuna E, Platt J, Scholkopf B (1998) Support vector machines. IEEE Intell Syst Appl 13(4):18–28
Breiman L (2001) Random Forests. Mach Learn 45:5. https://doi.org/10.1023/A:1010933404324
Liao Y, Vemuri VR (2002) Use of K-Nearest Neighbor classifier for intrusion detection. Comput Secur 21(5):439–448
Li M, Yuan B (2005) 2D-LDA: a statistical linear discriminant analysis for image matrix. Pattern Recogn Lett 26(5):527–532
Haifley T (2002) Linear logistic regression: an introduction. In: IEEE international integrated reliability workshop final report
Navada A, Ansari AN, Patil S, Sonkamble BA (2011) Overview of use of decision tree algorithms in machine learning. In: IEEE control and system graduate research colloquium
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chowdhury, M.NUR., Alahy, Q.E., Soliman, H. (2021). Advanced Android Malware Detection Utilizing API Calls and Permissions. In: Kim, H., Kim, K.J. (eds) IT Convergence and Security. Lecture Notes in Electrical Engineering, vol 782. Springer, Singapore. https://doi.org/10.1007/978-981-16-4118-3_12
Download citation
DOI: https://doi.org/10.1007/978-981-16-4118-3_12
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-4117-6
Online ISBN: 978-981-16-4118-3
eBook Packages: Computer ScienceComputer Science (R0)