Characterization of Android Malware Families by a Reduced Set of Static Features

  • Javier Sedano
  • Camelia Chira
  • Silvia González
  • Álvaro HerreroEmail author
  • Emilio Corchado
  • José Ramón Villar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 527)


Due to the ever increasing amount and severity of attacks aimed at compromising smartphones in general, and Android devices in particular, much effort have been devoted in recent years to deal with such incidents. However, accurate detection of bad-intentioned Android apps still is an open challenge. As a follow-up step in an ongoing research, preset paper explores the selection of features for the characterization of Android-malware families. The idea is to select those features that are most relevant for characterizing malware families. In order to do that, an evolutionary algorithm is proposed to perform feature selection on the Drebin dataset, attaining interesting results on the most informative features for the characterization of representative families of existing Android malware.


Feature selection Genetic algorithm Android Malware families 



This research has been partially supported through the project of the Spanish Ministry of Economy and Competitiveness RTC-2014-3059-4. The authors would also like to thank the BIO/BU09/14 and the Spanish Ministry of Science and Innovation PID 560300-2009-11.


  1. 1.
  2. 2.
    AppBrain Stats. Accessed 08 July 2016
  3. 3.
    Micro, T.: The Fine Line: 2016 Trend Micro Security Predictions (2015)Google Scholar
  4. 4.
    Mind the (Security) Gaps: The 1H 2015 Mobile Threat Landscape. Accessed 08 July 2016
  5. 5.
    F-Secure: Q1 2014 Mobile Threat Report (2015)Google Scholar
  6. 6.
    Yajin, Z., Xuxian, J.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95–109 (2012)Google Scholar
  7. 7.
    Spreitzenbarth, M., Echtler, F., Schreck, T., Freling, F.C., Hoffmann, J.: Mobile-sandbox: having a deeper look into android applications. In: 28th International ACM Symposium on Applied Computing (SAC) (2013)Google Scholar
  8. 8.
    Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: 21st Annual Network and Distributed System Security Symposium (2014)Google Scholar
  9. 9.
    Guyon, I., Elisseeff, A.: An introduction to variable and feature selection. J. Mach. Learn. Res. 3, 1157–1182 (2003)zbMATHGoogle Scholar
  10. 10.
    Larrañaga, P., Calvo, B., Santana, R., Bielza, C., Galdiano, J., Inza, I., Lozano, J.A., Armañanzas, R., Santafé, G., Pérez, A.: Machine learning in bioinformatics. Briefings Bioinform. 7, 86–112 (2006)CrossRefGoogle Scholar
  11. 11.
    Ding, C., Peng, H.: Minimum redundancy feature selection from microarray gene expression data. J. Bioinform. Comput. Biol. 3, 185–205 (2005)CrossRefGoogle Scholar
  12. 12.
    Liu, H., Liu, L., Zhang, H.: Ensemble gene selection by grouping for microarray data classification. J. Biomed. Inform. 43, 81–87 (2010)CrossRefGoogle Scholar
  13. 13.
    Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Invest. 13, 22–37 (2015)CrossRefGoogle Scholar
  14. 14.
    Hyo-Sik, H., Mi-Jung, C.: Analysis of android malware detection performance using machine learning classifiers. In: 2013 International Conference on ICT Convergence (2013), pp. 490–495Google Scholar
  15. 15.
    Shabtai, A., Elovici, Y.: Applying behavioral detection on android-based devices. In: Magedanz, T., Li, M., Xia, J., Giannelli, C., Cai, Y. (eds.) Mobilware 2010. LNICST, vol. 48, pp. 235–249. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Shabtai, A., Fledel, Y., Elovici, Y.: Automated static code analysis for classifying android applications using machine learning. In: 2010 International Conference on Computational Intelligence and Security, pp. 329–333 (2010)Google Scholar
  17. 17.
    Vinod, P., Laxmi, V., Gaur, M.S., Naval, S., Faruki, P.: MCF: multicomponent features for malware analysis. In: 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 1076–1081 (2013)Google Scholar
  18. 18.
    Battista, P., Mercaldo, F., Nardone, V., Santone, A., Visaggio, C.: Identification of android malware families with model checking. In: 2nd International Conference on Information Systems Security and Privacy (2016)Google Scholar
  19. 19.
    Sedano, J., Chira, C., González, S., Herrero, Á., Corchado, E., Villar, J.R.: On the selection of key features for android malware characterization. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds.) International Joint Conference. AISC, vol. 369, pp. 167–176. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  20. 20.
    Virus Total. Accessed 08 July 2016

Copyright information

© Springer International Publishing AG 2017

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (, which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

Authors and Affiliations

  • Javier Sedano
    • 1
  • Camelia Chira
    • 2
  • Silvia González
    • 1
  • Álvaro Herrero
    • 3
    Email author
  • Emilio Corchado
    • 4
  • José Ramón Villar
    • 5
  1. 1.Instituto Tecnológico de Castilla y LeónBurgosSpain
  2. 2.Department of Computer ScienceUniversity of Cluj-NapocaCluj-NapocaRomania
  3. 3.Department of Civil EngineeringUniversity of BurgosBurgosSpain
  4. 4.Department of Computer Science and AutomationUniversity of SalamancaSalamancaSpain
  5. 5.Computer Science DepartmentUniversity of OviedoOviedoSpain

Personalised recommendations