An effective behavior‐based Android malware detection system

Abstract

AbstractWith the rapid growth of Android applications and malware, it has become a challenge to distinguish malware from a huge number of applications. The use of behavioral analytics is one of the most promising approaches because of its accuracy and resilience to malware variants. In this paper, we propose a behavior‐based malware detection system. Firstly, it uses Android APIs and libc (Bionic libc) function calls along with their arguments to describe sensitive application behaviors. Secondly, it conducts behavior analysis and malware detection using machine learning techniques, including Support Vector Machine, Naïve Bayes, and Decision Tree. The experiments are conducted with 1136 real‐world samples that are composed of various types of malware and benign applications. The evaluation results show that our system can effectively detect Android malware. In addition, we compare our system with the other behavior‐based malware detection system, and the comparison results show the advantage of our system on malware detection. Copyright © 2014 John Wiley & Sons, Ltd.