Abstract
Android is the most widely used mobile operating system (OS). A large number of third-party Android application (app) markets have emerged. The absence of third-party market regulation has prompted research institutions to propose different malware detection techniques. However, due to improvements of malware itself and Android system, it is difficult to design a detection method that can efficiently and effectively detect malicious apps for a long time. Meanwhile, adopting more features will increase the complexity of the model and the computational cost of the system. Permissions play a vital role in the security of the Android apps. Term Frequency—Inverse Document Frequency (TF-IDF) is used to assess the importance of a word for a file set in a corpus. The static analysis method does not need to run the app. It can efficiently and accurately extract the permissions from an app. Based on this cognition and perspective, in this paper, a new static detection method based on TF-IDF and Machine Learning is proposed. The system permissions are extracted in Android application package’s (Apk’s) manifest file. TF-IDF algorithm is used to calculate the permission value (PV) of each permission and the sensitivity value of apk (SVOA) of each app. The SVOA and the number of the used permissions are learned and tested by machine learning. 6070 benign apps and 9419 malware are used to evaluate the proposed approach. The experiment results show that only use dangerous permissions or the number of used permissions can’t accurately distinguish whether an app is malicious or benign. For malware detection, the proposed approach achieve up to 99.5% accuracy and the learning and training time only needs 0.05s. For malware families detection, the accuracy is 99.6%. The results indicate that the method for unknown/new sample’s detection accuracy is 92.71%. Compared against other state-of-the-art approaches, the proposed approach is more effective by detecting malware and malware families.
Highlights
The number of smartphone users is growing rapidly
We discuss the importance of android system permission in android app’ security
It is found that the accuracy of the proposed model is higher under the 10-fold cross-validation method and the J48 classifier
Summary
The number of smartphone users is growing rapidly. The open-source mobile operating system Android is very popular among mobile users and developers. In 2017, 85.0% of new smartphones sold used Android operating system [2]. Continuous increase in the number of Android apps. Android users are able to choose between 3.8 million apps at the first quarter of 2018 [3]. Due to the openness of the Android system, the download of third-party Android apps has increased dramatically in recent years. Lack of the supervision leads to the increasingly security issues of Android apps. Malware can cause Android users’ privacy disclosure, short message service (SMS) interception (which can lead to account theft, network payment security issues), malicious deduction, automatic transmission of virus links to other people in the address book, etc. A fast and efficient detection system is extremely needed [5]
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.