Abstract

This paper presents a static feature extraction framework for Android malware analysis. The techniques are implemented by extracting prominent features from a component of the Android application package, i.e. the AndroidManifest.xml file. Five different types of features, namely permissions, permission count, hardware features, software features and API calls, are mined from 1175 .apk files for the investigation. The objective of this work is to evaluate whether independent features are effective in comparison to ensemble features. Feature reduction is performed to investigate the impact of varied feature length on classification accuracy. Feature selection techniques such as Bi–Normal Separation, Mutual Information, Relevancy score, Kolmogorov dependence and Kullback-Leibler are applied to choose the significant attributes. The proposed method, which uses dimensionality reduction and machine learning algorithms, produces an overall classification accuracy of 93.02% with ensemble features. Comparing the empirical results of ensemble features with individual features, the former improved the classification accuracy with Bi–Normal Separation.

Keywords: Android malware; Ensemble features; Feature selection; Static analysis
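The following is an added illustration, not code from the paper: it extracts permission and hardware/software feature declarations from manifests and ranks them by Bi-Normal Separation. It assumes the manifests are already decoded from binary AXML to text, that the score is the standard |F^-1(tpr) - F^-1(fpr)| form with rates clipped at 0.0005, and it uses a constructed corpus; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from statistics import NormalDist

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

def manifest_features(xml_text):
    """Binary features declared in a decoded (text) AndroidManifest.xml."""
    # Untrusted input: a real pipeline should use a hardened XML parser.
    root = ET.fromstring(xml_text)
    feats = set()
    for tag in ("uses-permission", "uses-feature"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                feats.add(f"{tag}:{name}")
    return feats

def bns_scores(samples, eps=0.0005):
    """samples: [(feature_set, is_malware)] -> {feature: BNS score}."""
    inv = NormalDist().inv_cdf
    pos = [f for f, y in samples if y]
    neg = [f for f, y in samples if not y]
    def rate(feat, group):
        # Clip away 0 and 1, where the inverse normal CDF is undefined.
        return min(max(sum(feat in f for f in group) / len(group), eps), 1 - eps)
    vocab = set().union(*(f for f, _ in samples))
    return {ft: abs(inv(rate(ft, pos)) - inv(rate(ft, neg))) for ft in vocab}

def sample_manifest(perms, hw=()):
    ns = 'xmlns:android="http://schemas.android.com/apk/res/android"'
    body = "".join(f'<uses-permission android:name="android.permission.{p}"/>' for p in perms)
    body += "".join(f'<uses-feature android:name="android.hardware.{h}"/>' for h in hw)
    return f'<manifest {ns} package="example.constructed">{body}</manifest>'

# Constructed corpus: (manifest text, is_malware). Not taken from real APKs.
SAMPLES = [
    (sample_manifest(["INTERNET", "SEND_SMS", "READ_CONTACTS"]), True),
    (sample_manifest(["INTERNET", "SEND_SMS"], ["telephony"]), True),
    (sample_manifest(["INTERNET", "SEND_SMS", "RECEIVE_BOOT_COMPLETED"]), True),
    (sample_manifest(["INTERNET", "CAMERA"], ["camera"]), False),
    (sample_manifest(["INTERNET"]), False),
    (sample_manifest(["INTERNET", "ACCESS_FINE_LOCATION"], ["location.gps"]), False),
]

def rank_features(samples=SAMPLES):
    """Score every declared feature and return (feature, score) best-first."""
    parsed = [(manifest_features(x), y) for x, y in samples]
    return sorted(bns_scores(parsed).items(), key=lambda kv: (-kv[1], kv[0]))
```

A feature declared by every sample in both classes (INTERNET here) scores 0 and would be dropped first during feature reduction, while one present only in the malware class ranks highest.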
