Machine-Learning-Based Android Malware Detection Techniques—A Comparative Analysis

Conference paper
Part of the Lecture Notes in Networks and Systems book series (LNNS, volume 9)


Today, smartphones can handle a myriad of programs and applications that perform a wide variety of functions. In recent years, Android has been a globally anticipated open-source operating system for smartphones. However, the rapid advancement of Android is marred by the growing threat of Android malware that performs pernicious activities on smartphones. Malware that uses different techniques to evade existing detection methods poses uncommon challenges for accurate detection. Existing Android malware detection techniques are broadly classified into signature-based and machine-learning-based detection approaches. Researchers and antimalware companies have identified the inefficiency of the signature-based detection approach and shifted to the machine-learning-based detection approach to overcome its limitations. This paper discusses existing machine-learning-based Android malware detection techniques and presents a parametric comparison of them. Hence, this paper aims to study various machine-learning-based detection techniques and to establish probable future directions.


Keywords: Android, Malware, Signature-based, Machine-learning-based, Static analysis, Dynamic analysis, Hybrid analysis



Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  1. Department of Computer Engineering, Sarvajanik College of Engineering and Technology, Surat, India
