Abstract

Android receives major attention from security practitioners and researchers because of the large influx of malicious applications. For the past twelve years, Android malicious applications have been grouped into families. In the research community, detecting new malware families remains a challenge. Our investigation shows that most literature reviews focus on surveying malware detection. Characterizing malware families can improve the detection process and help in understanding malware patterns. For this reason, we conduct a comprehensive survey of state-of-the-art techniques for Android malware familial detection, identification, and categorization. We categorize the literature along three dimensions: type of analysis, features, and methodologies and techniques. Furthermore, we report the datasets that are commonly used. Finally, we highlight the limitations we identify in the literature, along with challenges and future research directions regarding Android malware families.

Highlights

  • The Android operating system has become the dominant mobile OS in the market, capturing 86% in 2017 (Gartner [1])

  • Investigating the scientific databases on Android malware, we found that most current techniques focus on malware detection

  • We focus on reviewing the literature of the past ten years, based on what has been published in the scientific databases regarding Android malware families


Summary

Introduction

The Android operating system has become the dominant mobile OS in the market, capturing 86%. An Android app is built from four main components [69]: Activities, Services, Broadcast receivers, and Content providers. The Android framework provides a list of APIs that a developer can call to extend the functionality of the hardware without direct use of the lower layers of the architecture. Such functionalities include managing user interface (UI) elements, accessing shared data storage, and passing messages between application components. We limit our discussion to two main files: the manifest file (AndroidManifest.xml) and the code file (classes.dex). The manifest file is an XML file that declares, ahead of execution, a set of information about the app and its components: the app's package name and version number, the permissions required by the application, the app entry points, and the registered intents.
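As an added example (not taken from the surveyed paper), the following Python sketch extracts the manifest-declared information listed above as static features. It assumes the manifest has already been decoded to text XML; the sample manifest and the helper names `full_name` and `extract_manifest_features` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample in decoded (text) XML form; manifests inside an APK are
# stored as binary XML and must be decoded first.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.sample" android:versionName="1.2">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <receiver android:name="BootReceiver">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
  </application>
</manifest>"""

def full_name(package, name):
    """Resolve shorthand component names (".Foo" or "Foo") against the package."""
    if name.startswith("."):
        return package + name
    return name if "." in name else f"{package}.{name}"

def extract_manifest_features(manifest_xml):
    """Return the static features a manifest declares (hypothetical helper)."""
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")
    feats = {
        "package": package,
        "version": root.get(ANDROID_NS + "versionName"),
        "permissions": sorted(p.get(ANDROID_NS + "name", "") for p in root.iter("uses-permission")),
        "components": {tag: [] for tag in COMPONENT_TAGS},
        "intent_actions": set(),
        "entry_points": [],
    }
    for tag in COMPONENT_TAGS:
        for comp in root.iter(tag):
            name = full_name(package, comp.get(ANDROID_NS + "name", ""))
            feats["components"][tag].append(name)
            actions = {a.get(ANDROID_NS + "name") for a in comp.iter("action")}
            feats["intent_actions"] |= actions
            if "android.intent.action.MAIN" in actions:  # declared app entry point
                feats["entry_points"].append(name)
    return feats

if __name__ == "__main__":
    print(extract_manifest_features(SAMPLE_MANIFEST))
```

The resulting dictionary can be flattened into a feature vector (for example, one binary column per permission or intent action) for family classification.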

Android Malware
Android Malware Related Work
Static Analysis
Dynamic Analysis
Hybrid Analysis
Model-Based
Analysis-Based
Static Features
Dynamic Features
Experimental Datasets
Limitations
Challenges
Future Directions
Conclusions