Abstract
Android malware is on the rise along with the popularity of the Android OS. Malware writers use novel techniques to create malicious Android applications, severely undermining traditional malware detectors, which are unable to detect these unknown malicious applications. Features obtained from static and dynamic analysis of Android applications can be used to detect unknown Android malware with machine learning techniques. This paper presents an analysis of various Android malware detection systems and compares them on parameters such as detection technique, analysis method, and features extracted. We were able to find research work in all the Android malware detection techniques which employ machine learning, which also highlights the fact that machine learning algorithms are used frequently in this area for detecting Android malware in the wild.
Cite this article
Muttoo, S.K., Badhani, S. Android malware detection: state of the art. Int. j. inf. tecnol. 9, 111–117 (2017). https://doi.org/10.1007/s41870-017-0010-2
DOI: https://doi.org/10.1007/s41870-017-0010-2