A Survey on the Detection of Android Malicious Apps

  • Sanjay K. SahayEmail author
  • Ashu Sharma
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 924)


Android-based smart devices are exponentially growing, and due to the ubiquity of the Internet, these devices are globally connected to the different devices/networks. Its popularity, attractive features, and mobility make malware creator to put number of malicious apps in the market to disrupt and annoy the victims. Although to identify the malicious apps, time-to-time various techniques are proposed. However, it appears that malware developers are always ahead of the anti-malware group, and the proposed techniques by the anti-malware groups are not sufficient to counter the advanced malicious apps. Therefore, to understand the various techniques proposed/used for the identification of Android malicious apps, in this paper, we present a survey conducted by us on the work done by the researchers in this field.


Android Malicious apps Dangerous permissions Anti-malware 


  1. 1.
    9apps: Free android apps download (2016).
  2. 2.
    Ahn, A.: How we fought bad apps and malicious developers in 2017. Technical report, Google Play (2018).
  3. 3.
    Allix, K., Bissyandé, T.F., Jérome, Q., Klein, J., Le Traon, Y., et al.: Large-scale machine learning-based malware detection: confronting the 10-fold cross validation scheme with reality. In: Proceedings of the 4th ACM Conference on Data and Application Security and Privacy, ACM, pp. 163–166 (2014)Google Scholar
  4. 4.
    Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: Drebin: effective and explainable detection of android malware in your pocket. In: NDSS, pp. 1–15 (2014)Google Scholar
  5. 5.
    Canfora, G., Mercaldo, F., Visaggio, C.A.: An HMM and structural entropy based detector for android malware: an empirical study. Comput. Secur. 61, 1–18 (2016)Google Scholar
  6. 6.
    Christiaan, B., Douglas, F., Paula, G., Yashashree, G., Francisca, M.: Mcafee threats report. Technical report, McAfee (2012). in/resources/reports/rp-quarterly-threat-q1-2012.pdf
  7. 7.
    Christiaan, B., Douglas, F., Paula, G., Yashashree, G., Francisca, M.: Mcafee labs threats report. Technical report, McAfee (2015).
  8. 8.
    Christiaan, B., Douglas, F., Paula, G., Yashashree, G., Francisca, M.: McAfee labs threats report. Technical report (2017).
  9. 9.
    Clay, J.: Trend micro, continued rise in mobile threats for 2016 (2015).
  10. 10.
    Das, S., Liu, Y., Zhang, W., Chandramohan, M.: Semantics-based online malware detection: towards efficient real-time protection against malware. IEEE Trans. Inf. Forensics Secur. 11(2), 289–302 (2016)Google Scholar
  11. 11.
    Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M., Rajarajan, M.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998–1022 (2015)Google Scholar
  12. 12.
    Feizollah, A., Anuar, N.B., Salleh, R., Suarez-Tangil, G., Furnell, S.: Androdialysis: analysis of android intent effectiveness in malware detection. Comput. Secur. 65, 121–134 (2017)Google Scholar
  13. 13.
    Fuchs, A.P., Chaudhuri, A., Foster, J.S.: Scandroid: automated security certification of android. Technical report, University of Maryland Department of Computer Science (2009)Google Scholar
  14. 14.
    Gandhewar, N., Sheikh, R.: Google android: an emerging software platform for mobile devices. Int. J. Comput. Sci. Eng. 1(1), 12–17 (2010)Google Scholar
  15. 15.
    Jang, J.W., Kang, H., Woo, J., Mohaisen, A., Kim, H.K.: Andro-dumpsys: anti-malware system based on the similarity of malware creator and malware centric information. Comput. Secur. 58, 125–138 (2016)Google Scholar
  16. 16.
    Jerome, Q., Allix, K., State, R., Engel, T.: Using opcode-sequences to detect malicious android applications. In: 2014 IEEE International Conference on Communications (ICC), IEEE, pp. 914–919 (2014)Google Scholar
  17. 17.
    Kang, B., Yerima, S.Y., Mclaughlin, K., Sezer, S.: N-opcode analysis for android malware classification and categorization. In: 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security), pp. 1–7 (2016)Google Scholar
  18. 18.
    Kapratwar, A.: Static and dynamic analysis for android malware detection. Master’s thesis, San Jose State University (2016)Google Scholar
  19. 19.
    Lab, K.: Red alert: Kaspersky lab reviews the malware situation in Q3. Technical report (2014)Google Scholar
  20. 20.
    Lab, K.: Securelist: mobile malware evolution. Technical report (2015)Google Scholar
  21. 21.
    Lab., Q.H.: Threat report 3rd quarter, 2015. Quick heal lab (2015).
  22. 22.
    Narayanan, A., Yang, L., Chen, L., Jinliang, L.: Adaptive and scalable android malware detection through online learning. In: 2016 International Joint Conference on Neural Networks (IJCNN), IEEE, pp. 2484–2491 (2016)Google Scholar
  23. 23.
    Naval, S., Laxmi, V., Rajarajan, M., Gaur, M.S., Conti, M.: Employing program semantics for malware detection. IEEE Trans. Inf. Forensics Secur. 10(12), 2591–2604 (2015)Google Scholar
  24. 24.
    Olmstead, K., Atkinson, M.: Apps permissions in the Google Play store. Technical report, Pew Research Center (2016)Google Scholar
  25. 25.
    Rashidi, B., Fung, C., Bertino, E.: Android resource usage risk assessment using hidden Markov model and online learning. Comput. Secur. 65, 90–107 (2017)Google Scholar
  26. 26.
    Sahay, S.K., Sharma, A.: Grouping the executables to detect malwares with high accuracy. Procedia Comput. Sci. 78, 667–674 (2016)CrossRefGoogle Scholar
  27. 27.
    Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., Bringas, P.G.: On the automatic categorisation of android applications. In: 2012 IEEE Consumer Communications and Networking Conference (CCNC), IEEE, pp. 149–153 (2012)Google Scholar
  28. 28.
    Saracino, A., Sgandurra, D., Dini, G., Martinelli, F.: Madam: effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Secur. Comput. 99, 1–1 (2017)Google Scholar
  29. 29.
    Seo, S.H., Gupta, A., Sallam, A.M., Bertino, E., Yim, K.: Detecting mobile malware threats to homeland security through static analysis. J. Netw. Comput. Appl. 38, 43–53 (2014)Google Scholar
  30. 30.
    Sharma, A., Sahay, K.S.: An investigation of the classifiers to detect android malicious apps. In: Proceedings of ICICT 2016 Information and Communication Technology, vol. 625, pp. 207–217. Springer, Berlin (2017)Google Scholar
  31. 31.
    Sharma, A., Sahay, S.K.: Evolution and detection of polymorphic and metamorphic malwares: a survey. Int. J. Comput. Appl. 90(2), 7–11 (2014)Google Scholar
  32. 32.
    Sharma, A., Sahay, S.K.: An effective approach for classification of advanced malware with high accuracy. Int. J. Secur. Appl. 10(4), 249–266 (2016)Google Scholar
  33. 33.
    Sharma, A., Sahay, S.K.: Group-wise classification approach to improve android malicious apps detection accuracy. Int. J. Netw. Secur. (2018) (In Press)Google Scholar
  34. 34.
    Sharma, A., Sahay, S.K., Kumar, A.: Improving the detection accuracy of unknown malware by partitioning the executables in groups. In: Advanced Computing and Communication Technologies, pp. 421–431. Springer, Berlin (2016)Google Scholar
  35. 35.
    Shaun, A., Tareq, A., Peter, C., Mayee, C., Jon, D.: Internet security threat report. Technical report, Symantec (2014).
  36. 36.
    Shaun, A., Tareq, A., Peter, C., Mayee, C., Jon, D.: Internet security threat report 2016. Technical report, Symantec Corporation (2016)Google Scholar
  37. 37.
    Shaun, A., Tareq, A., Peter, C., Mayee, C., Jon, D.: Internet security threat report 2017. Technical report, Symentec (2017)Google Scholar
  38. 38.
    Souri, A., Hosseini, R.: A state-of-the-art survey of malware detection approaches using data mining techniques. Hum.-Centric Comput. Inf. Sci. 8(3), 22 (2018)Google Scholar
  39. 39.
    Spreitzenbarth, M., Freiling, F., Echtler, F., Schreck, T., Hoffmann, J.: Mobile-sandbox: having a deeper look into android applications. In: Proceedings of the 28th Annual ACM Symposium on Applied Computing, ACM, pp. 1808–1815 (2013)Google Scholar
  40. 40.
    Statista: number of available applications in the Google Play store from December 2009 to February 2016 (2016).
  41. 41.
    Tam, K., Feizollah, A., Anuar, N.B., Salleh, R., Cavallaro, L.: The evolution of android malware and android analysis techniques. ACM Comput. Surv. 49, 1–41 (2017)Google Scholar
  42. 42.
    Vidas, T., Christin, N., Cranor, L.: Curbing android permission creep. In: Proceedings of the Web, vol. 2, pp. 91–96 (2011)Google Scholar
  43. 43.
    Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: Droidmat: android malware detection through manifest and API calls tracing. In: 2012 Seventh Asia Joint Conference on Information Security (Asia JCIS), IEEE, pp. 62–69 (2012)Google Scholar
  44. 44.
    Xu, K., Li, Y., Deng, R.H.: ICCdetector: ICC-based malware detection on android. IEEE Trans. Inf. Forensics Secur. 11(6), 1252–1264 (2016)Google Scholar
  45. 45.
    Zheng, M., Sun, M., Lui, J.C.: Droid analytics: a signature based analytic system to collect, extract, analyze and associate android malware. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), IEEE, pp. 163–171 (2013)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Department of CS and ISBITS, PilaniSancoaleIndia
  2. 2.C3i, CSEIIT KanpurKanpurIndia

Personalised recommendations