Abstract

Android malware detection has become increasingly important over the past few years, due to the popularity of Android devices and the explosive growth of Android applications. This calls for more effective techniques to detect Android malware. Some works in the literature show that opcode sequences have a remarkable effect on Android malware detection. However, they omit the information contained in operand sequences. In this paper, we analyse not the opcode sequences but the API calls used in operand sequences, and abstract the API calls to their package names with the aim of being resilient to API changes across Android API levels. To avoid being computationally expensive, we rely only on n-gram analysis. In addition, we apply the package-level information extracted from API calls to build an Android malware prediction model. We perform experiments on 5560 malware samples belonging to the Drebin dataset, 361 malware samples collected from Contagio Mobile Malware, and 5900 benign Android applications retrieved from Google Play. Results show that the accuracy of our approach exceeds that of opcode n-grams in some ways.
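The feature extraction the abstract describes, sketched as an added example that is not the paper's own code: it takes the target class of each `invoke-*` instruction in smali disassembly, abstracts it to its package name, and counts n-grams over the resulting sequence. The smali input format, the platform-prefix filter and all function names are assumptions made here, and the sample input is constructed.

```python
import re
from collections import Counter

# Dalvik invoke-* instruction in smali; group 1 is the target class path.
INVOKE_RE = re.compile(r"^\s*invoke-[\w/-]+\s+\{[^}]*\},\s*\[*L([\w/$-]+);->")

# Assumption: only calls into platform packages count as "API calls".
API_PREFIXES = ("android.", "java.", "javax.", "dalvik.")

# Constructed sample input (not taken from any dataset named in the paper).
SAMPLE_SMALI = """\
.method public onCreate(Landroid/os/Bundle;)V
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V
    invoke-virtual {p0}, Lcom/example/app/Main;->helper()V
    invoke-virtual {v0}, Landroid/telephony/TelephonyManager;->getDeviceId()Ljava/lang/String;
    invoke-static {}, Landroid/telephony/SmsManager;->getDefault()Landroid/telephony/SmsManager;
    invoke-virtual/range {v2 .. v7}, Landroid/telephony/SmsManager;->sendTextMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Landroid/app/PendingIntent;Landroid/app/PendingIntent;)V
    return-void
.end method
"""

def package_of(class_path):
    """Abstract 'android/telephony/SmsManager' to 'android.telephony'."""
    pkg = class_path.rpartition("/")[0]
    return pkg.replace("/", ".") if pkg else "<default>"

def package_sequence(smali_text, api_only=True):
    """Ordered package names of invoked methods, one entry per invoke-*."""
    seq = []
    for line in smali_text.splitlines():
        m = INVOKE_RE.match(line)
        if not m:
            continue
        pkg = package_of(m.group(1))
        if api_only and not (pkg + ".").startswith(API_PREFIXES):
            continue  # skip the app's own and third-party code
        seq.append(pkg)
    return seq

def ngram_counts(seq, n):
    """Count contiguous n-grams; sequences shorter than n yield no features."""
    return Counter(tuple(seq[i:i + n]) for i in range(len(seq) - n + 1))

if __name__ == "__main__":
    for gram, count in ngram_counts(package_sequence(SAMPLE_SMALI), 2).most_common():
        print(count, " -> ".join(gram))
```

Because the features are package names rather than method signatures, a method renamed or added within `android.telephony` at a later API level leaves the n-gram unchanged.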
