Android malware detection: state of the art

  • Original Research
International Journal of Information Technology

Abstract

Android malware is on the rise along with the popularity of the Android OS. Malware writers use novel techniques to create malicious Android applications, which severely undermines traditional malware detectors that are unable to detect these unknown malicious applications. Features obtained from static and dynamic analysis of Android applications can be used to detect unknown Android malware with machine learning techniques. This paper analyses various Android malware detection systems and compares them on parameters such as detection technique, analysis method, and features extracted. We found research work employing machine learning in all the Android malware detection techniques, which highlights that machine learning algorithms are used frequently in this area for detecting Android malware in the wild.



Author information

Corresponding author

Correspondence to Sunil Kumar Muttoo.

About this article

Cite this article

Muttoo, S.K., Badhani, S. Android malware detection: state of the art. Int. j. inf. tecnol. 9, 111–117 (2017). https://doi.org/10.1007/s41870-017-0010-2

  • DOI: https://doi.org/10.1007/s41870-017-0010-2
