Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13–14, 2019, Proceedings

Research Article

Android Malware Detection Based on Sensitive Permissions and APIs

  • @INPROCEEDINGS{10.1007/978-3-030-21373-2_10,
        author={Chunhui Zhao and Chundong Wang and Wenbai Zheng},
        title={Android Malware Detection Based on Sensitive Permissions and APIs},
        proceedings={Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13--14, 2019, Proceedings},
        proceedings_a={SPNCE},
        year={2019},
        month={6},
        keywords={Permissions and APIs, Android malware detection, Mutual information, Ensemble learning algorithm},
        doi={10.1007/978-3-030-21373-2_10}
    }
    
  • Chunhui Zhao
    Chundong Wang
    Wenbai Zheng
    Year: 2019
    Android Malware Detection Based on Sensitive Permissions and APIs
    SPNCE
    Springer
    DOI: 10.1007/978-3-030-21373-2_10
Chunhui Zhao*, Chundong Wang, Wenbai Zheng
    *Contact email: 574878671@qq.com

    Abstract

    With the widespread use of the Android operating system, the number of applications based on the Android platform is growing. How to effectively identify malware is critical to the security of phones. This paper proposes an Android malware detection method based on the combination of sensitive permissions and API features. This method extracts the permission features and API features by decompiling the APK file, and then uses mutual information to select sensitive permissions and APIs as feature sets. On this basis, an ensemble learning model based on a decision tree classifier and a KNN classifier is used to quickly and accurately detect unknown APKs. The experimental results show that the discriminative accuracy of the proposed method is higher than that of the permission set or the API set alone, and the accuracy rate can reach up to 95.5%.
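
The feature-selection step the abstract describes can be sketched as follows. This is an added example, not code from the paper: it assumes the standard definition of mutual information between a binary "feature present" variable and the malware label, and the sample data and function names are constructed for illustration. The decision tree and KNN ensemble is not shown.

```python
import math
from collections import Counter

# Constructed sample (not from the paper): features extracted from a decompiled
# APK plus a label, 1 = malware, 0 = benign. Short names stand in for full identifiers.
SAMPLES = [
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS", "TelephonyManager.getDeviceId"}, 1),
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS"}, 1),
    ({"INTERNET", "SEND_SMS", "READ_CONTACTS", "TelephonyManager.getDeviceId"}, 1),
    ({"INTERNET", "SEND_SMS"}, 1),
    ({"INTERNET", "READ_CONTACTS"}, 0),
    ({"INTERNET", "TelephonyManager.getDeviceId"}, 0),
    ({"INTERNET", "TelephonyManager.getDeviceId"}, 0),
    ({"INTERNET"}, 0),
]

def mutual_information(samples, feature):
    """I(X;Y) in bits between feature presence X and the malware label Y."""
    n = len(samples)
    joint = Counter((feature in feats, label) for feats, label in samples)
    px = Counter(feature in feats for feats, _ in samples)
    py = Counter(label for _, label in samples)
    mi = 0.0
    for (x, y), count in joint.items():
        # Only observed (x, y) cells are summed; empty cells contribute 0.
        p_xy = count / n
        mi += p_xy * math.log2(p_xy / ((px[x] / n) * (py[y] / n)))
    return mi

def rank_features(samples):
    """All features as (score, name), highest mutual information first."""
    features = set().union(*(feats for feats, _ in samples))
    scored = [(mutual_information(samples, f), f) for f in features]
    return sorted(scored, key=lambda s: (-s[0], s[1]))

def select_sensitive(samples, k):
    """Keep the k features that say the most about the label."""
    return [name for _, name in rank_features(samples)[:k]]

def to_vector(feats, selected):
    """Binary vector over the selected features, as a classifier would consume it."""
    return [int(name in feats) for name in selected]

if __name__ == "__main__":
    for score, name in rank_features(SAMPLES):
        print(f"{score:.4f}  {name}")
```

A permission requested by every app (INTERNET in this sample) scores zero and is dropped, however common it is among the malicious samples, because its presence does not separate the two classes.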