Security and Privacy in Communication Networks. 9th International ICST Conference, SecureComm 2013, Sydney, NSW, Australia, September 25-28, 2013, Revised Selected Papers

Research Article

DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android

  • @INPROCEEDINGS{10.1007/978-3-319-04283-1_6,
        author={Yousra Aafer and Wenliang Du and Heng Yin},
        title={DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android},
        proceedings={Security and Privacy in Communication Networks. 9th International ICST Conference, SecureComm 2013, Sydney, NSW, Australia, September 25-28, 2013, Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2014},
        month={6},
        keywords={Android malware static detection classification},
        doi={10.1007/978-3-319-04283-1_6}
    }
    
  • Yousra Aafer
    Wenliang Du
    Heng Yin
    Year: 2014
    DroidAPIMiner: Mining API-Level Features for Robust Malware Detection in Android
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-04283-1_6
Yousra Aafer¹, Wenliang Du¹,*, Heng Yin¹,*
  • 1: Syracuse University
*Contact email: wedu@syr.edu, heyin@syr.edu

Abstract

The increasing popularity of Android apps makes them the target of malware authors. To defend against this severe increase in Android malware and help users make a better evaluation of apps at install time, several approaches have been proposed. However, most of these solutions suffer from some shortcomings: they are computationally expensive, not general, or not robust enough. In this paper, we aim to mitigate Android malware installation through providing and classifiers. We have conducted a thorough analysis to extract features relevant to malware behavior captured at the API level, and evaluated different classifiers using the generated feature set. Our results show that we are able to achieve an accuracy as high as 99% and a false positive rate as low as 2.2% using a KNN classifier.