Android malware detection based on sensitive features combination

Abstract

SummaryWith the development of mobile communication, Android software has increased sharply. Meanwhile, more and more malware emerges. Identifying malware in time is very important. Currently, most malware identifying methods are static, and the detection accuracy mainly depends on the classification feature and the algorithm. In order to improve the detection accuracy, reducing the dimension and difficulty of feature extraction, we propose a lightweight Android malware detection method based on sensitive features combination. After fully analyzing the static features in Android software, we improve the extraction methods of various features, define four sensitive features, and then form a sensitive features combination to more accurately reflect the characteristics of Android software with fewer features. Finally, four different machine learning classification algorithms were used to evaluate the classification effect of the sensitive features combination. The experiments show that the sensitive features combination has a good classification effect. When combined with the random forest classification algorithm, the accuracy is the highest, which could reach 97.6%.