GENDroid - a graph-based ensemble classifier for detecting Android malware

Abstract

Recent years have witnessed a noticeable growth in the development of stealthy Android-based malware which has led to a pressing need for accurate malware detection systems. In this paper, we propose a graph-based ensemble classifier - GENDroid that performs ensemble learning using different graph-based classification techniques. The proposed classifier combines the predictions of three graph-based base classifiers using majority voting. The main advantage of our proposed classifier is that by combining diverse graph-based classifiers, a more accurate classifier can be learned. We experimentally demonstrate a substantial improvement of our proposed method over the individual graph-based classifiers on three datasets of benign and malicious Android apps. The results are backed up by using statistical tests. The robustness of GENDroid against one of the most widely used anti-forensics techniques - code obfuscation, is also verified empirically. GENDroid is also found to be resilient to the evolution of APIs and achieved very high accuracy.