A detection model of malicious Android applications based on Naive Bayes

Abstract

With the popularity of mobile devices, thousands of malicious applications targeting mobile devices, including the popular Android platform, are created on a daily basis, which cause substantial losses for their users. How to detect malicious applications efficiently has become a new and ever-growing challenge. However, previous studies overlooked malicious potential permission combinations as a feature in detection. In this paper, according to the Android permission mechanism, we propose and implement a detection model based on Naive Bayes. The model utilises the Apriori algorithm to effectively mine the potential correlation in permissions among the various malicious applications. Then, in order to improve the performance of the Android malware detection system, the additional feature methodology proposed in this paper is used to deal with samples which have dangerous permission combinations. Combined with the improved Naive Bayes classifier, samples are classified into two categories. The experimental result reveals that the optimal detection rate in our detection model is 95.63%. Thus, it significantly improves the accuracy of the Naive Bayes in the detection of malicious Android applications.