Skip to main content
SpringerLink
Log in

Android Malware Detection Using Ensemble Learning on Sensitive APIs

  • Conference paper
  • First Online:
Edge Computing and IoT: Systems, Management and Security (ICECI 2020)

Included in the following conference series:

  • 471 Accesses

Abstract

In recent years, with the quiet popularity of mobile payment methods, mobile terminal equipment also have potential security problems while facilitating people’s lives. Behavior-based Android malware detection is mostly based on permission analysis and API calls. In this paper, we propose a static Android malicious detection scheme based on sensitive API calls. We extracted all APIs called in the experimental samples through decompilation, and then calculated and ranked the threats related to these APIs according to the mutual information model, selected the top 20 sensitive API calls, and generated a 20-dimensional feature vector for each application. In the classification process, an integrated learning model based on DT classifier, kNN classifier and SVM classifier is used to effectively detect unknown APK samples. We collected 516 benign samples and 528 malicious samples. Through a large number of experiments, the results show that the accuracy of our scheme can be up to 94%, and the precision is up to 95%.

Supported by Tianjin Nature Science Youth Foundation (No.18JCQNJC69900).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. IDC new report: Android account for 87% market share in 2019, iPhone only accounts for 13%. https://baijiahao.baidu.com/s?id=1644272367710328052&wfr=spider&for=pc. Accessed 10 Sept 2019

  2. Android. https://www.android.com/. Accessed 30 Nov 2016

  3. Enck, W., Gilbert, P., Han, S., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 5 (2014)

    Article  Google Scholar 

  4. Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (2011), pp. 15–26. ACM (2011). https://doi.org/10.1145/2046614.2046619

  5. Wu, S., Wang, P., Li, X., Zhang, Y.: Effective detection of android malware based on the usage of data flow APIs and machine learning. Inf. Softw. Technol. 75, 17–25 (2016)

    Article  Google Scholar 

  6. Onwuzurike, L., Mariconti, E., Andriotis, P., De Cristofaro, E., Ross, G., Stringhini, G.: MaMaDroid: detecting android malware by building Markov chains of behavioral models (extended version). ACM Trans. Priv. Secur. 22(2), 1–34 (2019)

    Article  Google Scholar 

  7. Kim, T., Kang, B., Rho, M., Sezer, S., Im, E.G.: A Multimodal Deep Learning Method for Android Malware Detection Using Various Features. IEEE Trans. Infor. Forensics and Secur. 14(3), 773–788 (2019). https://doi.org/10.1109/TIFS.2018.2866-319

  8. Zhao, C., Zheng, W., Gong, L., et al.: Quick and accurate android malware detection based on sensitive APIs. In: IEEE International Conference on Smart Internet of Things. IEEE Computer Society, pp. 143–148 (2018)

    Google Scholar 

  9. Felt, A.P., Chin, E., Hanna, S., et al.: Android permissions demystied. In: ACM Conference on Computer & Communications Security, vol. 10, p. 627 (2011)

    Google Scholar 

  10. Guyon, I., Elisseeff, A., et al.: An introduction to variable and feature selection. J. Mach. Learn. Res. 3(6), 1157–1182 (2013)

    MATH  Google Scholar 

  11. Wang, X., Feng, D., Liu, J.: Exploring permission-induced risk in android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9(11), 1869–1882 (2014)

    Article  Google Scholar 

  12. Xiang, C., Yang, P., Tian, C., Liu, Y.: Calibrate without calibrating: an iterative approach in participatory sensing network. IEEE Trans. Parallel Distrib. Syst. 26(2), 351–356 (2015)

    Article  Google Scholar 

  13. Virusshare. http://virusshare.com. Accessed 30 Sept 2017

  14. Google android market. https://play.google.com/store/apps?feature=corpus selector. Accessed 30 Jan 2017

Download references

Author information

Authors and Affiliations

  1. Key Laboratory of Computer Vision and System, Ministry of Education, Tianjin University of Technology, Tianjin, 300384, China

    Junhui Yu, Chunlei Zhao, Wenbai Zheng, Yunlong Li, Chunxiang Zhang & Chao Chen

  2. Tianjin Key Laboratory of Intelligence Computing and Novel Software Technology, Ministry of Education, Tianjin University of Technology, Tianjin, 300384, China

    Junhui Yu, Chunlei Zhao, Wenbai Zheng, Yunlong Li, Chunxiang Zhang & Chao Chen

Authors
  1. Junhui Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chunlei Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenbai Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yunlong Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Chunxiang Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Chao Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Hunan University, Hunan, China

    Hongbo Jiang

  2. Old Dominion University, Norfolk, VA, USA

    Hongyi Wu

  3. Hunan University, Changsha, China

    Fanzi Zeng

Rights and permissions

Reprints and permissions

Copyright information

© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yu, J., Zhao, C., Zheng, W., Li, Y., Zhang, C., Chen, C. (2021). Android Malware Detection Using Ensemble Learning on Sensitive APIs. In: Jiang, H., Wu, H., Zeng, F. (eds) Edge Computing and IoT: Systems, Management and Security. ICECI 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 368. Springer, Cham. https://doi.org/10.1007/978-3-030-73429-9_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-73429-9_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-73428-2

  • Online ISBN: 978-3-030-73429-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation