Using Hybrid Model for Android Malicious Application Detection Based on Population (Short Paper)

  • Zhijie Xiao
  • Tao LiEmail author
  • Yuqiao Wang
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 268)


In the Android system security issue, the maliciousness of the applications is closely related to the permissions they applied. In this paper, a population-based model is proposed for detecting Android malicious application. Which is in the view of the current disadvantages of missing report, long detection period caused by features redundancy, and the instability of detection rate lead by unbalanced data of benign and malicious samples. Drawing on the idea of population in biology, each app was labeled by preprocessing. And adaptive feature vectors were automatically selected through the feature engineering. Thus the malicious application detection is carried out in the form of hybrid model voting. The experimental results show that feature engineering can remove a large amount of redundancy before classification. And the hybrid voting model can provide adaptive detection service for different populations.


Android security Population Feature engineering Security detection 



Authors are partially supported by Major projects of the Hubei Provincial Education Department (No. 17ZD014), Hubei college students’ Innovation and Entrepreneurship Training Program project (No. 201610488020), National defense pre research fund of Wuhan University of Science and Technology (No. GF201712) and Colleges and Universities in Hubei Provincial College Students’ Innovation Entrepreneurial Training Program (No. 201710488027).


  1. 1.
    The development of the China Mobile Internet and its security report (2017). [EB/OL]. Accessed 17 May 2017/08 Mar 2018
  2. 2.
    Yi, L., Zhang, N., Liu, D.: Study on mobile malware situation and trends. Inf. Commun. Technol. 7(2), 75–79 (2013)Google Scholar
  3. 3.
    Jiang, X., Zhou, Y.: A survey of Android malware. In: Jiang, X., Zhou, Y. (eds.) Android Malware, pp. 3–20. Springer, New York (2013). Scholar
  4. 4.
    Chu, J., Zheng, L.: The security analysis of Android OS. Microcomput. Appl. 20(7), 1–3 (2013)Google Scholar
  5. 5.
    Peng, H., Gates, C., Sarma, B., et al.: Using probabilistic generative models for ranking risks of Android apps. In: ACM Conference on Computer and Communications Security, pp. 241–252. ACM (2012)Google Scholar
  6. 6.
    Zhou, Y., Jiang, X.: Dissecting Android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy, pp. 95–109. IEEE (2012)Google Scholar
  7. 7.
    Feng, Y., Anand, S., Dillig, I., et al.: Apposcopy: semantics-based detection of Android malware through static analysis. In: ACM SIGSOFT International Symposium on Foundations of Software Engineering, pp. 576–587. ACM (2014)Google Scholar
  8. 8.
    Petsas, T., Voyatzis, G., Athanasopoulos, E., et al.: Rage against the virtual machine: hindering dynamic analysis of Android malware. ACM (2014)Google Scholar
  9. 9.
    Schmidt, A.D., Bye, R., Schmidt, H.G., et al.: Static analysis of executables for collaborative malware detection on Android. In: IEEE International Conference on Communications, pp. 1–5. IEEE (2009)Google Scholar
  10. 10.
    Shabtai, A., Elovici, Y.: Applying behavioral detection on Android-based devices. In: Cai, Y., Magedanz, T., Li, M., Xia, J., Giannelli, C. (eds.) MOBILWARE 2010. LNICST, vol. 48, pp. 235–249. Springer, Heidelberg (2010). Scholar
  11. 11.
    Barrera, D., Oorschot, P.C.V., Somayaji, A.: A methodology for empirical analysis of permission-based security models and its application to Android. In: ACM Conference on Computer & Communications Security, pp. 73–84. ACM (2010)Google Scholar
  12. 12.
    Zhou, Y.: Dissecting Android malware: characterization and evolution. 4(3), 95–109 (2012)Google Scholar
  13. 13.
    Zhang, W., Ben, H., Zhang, K., et al.: Malware detection techniques by mining massive behavioral data of mobile Apps. J. Integr. Technol. 5(2), 29–40 (2016)Google Scholar
  14. 14.
    Yang, H., Xu, J.: Android malware detection based on improved random forest algorithm. J. Commun. 38(4), 8–16 (2017)MathSciNetGoogle Scholar
  15. 15.
    Zhang, T., Li, T., Wang, H., Xiao, Z.: AndroidProtect: Android apps security analysis system. In: Wang, S., Zhou, A. (eds.) CollaborateCom 2016. LNICST, vol. 201, pp. 583–594. Springer, Cham (2017). Scholar
  16. 16.
    Wang, H., Li, T., Zhang, T., Wang, J.: Android apps security evaluation system in the cloud. In: Guo, S., Liao, X., Liu, F., Zhu, Y. (eds.) CollaborateCom 2015. LNICST, vol. 163, pp. 151–160. Springer, Cham (2016). Scholar
  17. 17.
    Peng, H.: Discussion on the selective weighted Bias classification method. Zhongshan University (2010)Google Scholar
  18. 18.
  19. 19.
    VirusShare [EB/OL].

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. 1.College of Computer Science and TechnologyWuhan University of Science and TechnologyWuhanChina
  2. 2.Hubei Province Key Laboratory of Intelligent Information Processing and Real-Time Industrial SystemWuhanChina

Personalised recommendations