Abstract
Recently, Android malicious code has increased dramatically and the technology of reinforcement is increasingly powerful. Due to the development of code obfuscation and polymorphic deformation technology, the current Android malicious code static detection method whose feature selected is the semantic of application source code can not completely extract malware’s code features. The Android malware static detection methods whose features used are only obtained from the AndroidManifest.xml file are easily affected by useless permissions. Therefore, there are some limitations in current Android malware static detection methods. The current Android malware dynamic detection algorithm is mostly required to customize the system or needs system root permissions. Based on the Dendritic Cell Algorithm (DCA), this paper proposes an Android malware algorithm that has a higher detection rate, does not need to modify the system, and reduces the impact of code obfuscation to a certain degree. This algorithm is applied to an Android malware detection method based on oriented Dalvik disassembly sequence and application interface (API) calling sequence. Through the designed experiments, the effectiveness of this method is verified for the detection of Android malware.
Highlights
In the second quarter of 2016, from Statista’s global market share held by the leading smartphone operating systems in sales to end users from 1st quarter 2009 to 2nd quarter 2016, it can be seen that the market share of Android equipment has reached 87.8% [1]
Due to the influence of code obfuscation and polymorphic deformation technology, most of the existing detection methods can hardly extract features that have a strong classification effect from an Android installation Package. These problems lead to the fact that it is difficult for the current Android malicious code static detection algorithm to extract the code features from the Android Package (APK) file
In addition to the detection algorithm of this paper, as a comparison, the experiment has selected support vector machines (SVM), Naive Bayes (NB), J48 Decision Tree (DT) and the k-Nearest Neighbor (KNN) algorithm to verify the effect of the classification algorithm
Summary
In the second quarter of 2016, from Statista’s global market share held by the leading smartphone operating systems in sales to end users from 1st quarter 2009 to 2nd quarter 2016, it can be seen that the market share of Android equipment has reached 87.8% [1]. The current Android security situation is grim [3], malicious code types continue to increase, and users’ privacy and personal property are still being confronted with the threat [4]. Due to the influence of code obfuscation and polymorphic deformation technology, most of the existing detection methods can hardly extract features that have a strong classification effect from an Android installation Package. These problems lead to the fact that it is difficult for the current Android malicious code static detection algorithm to extract the code features from the Android Package (APK) file
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
