Edge Computing and IoT: Systems, Management and Security. First EAI International Conference, ICECI 2020, Virtual Event, November 6, 2020, Proceedings

Research Article

Android Malware Detection Using Ensemble Learning on Sensitive APIs

  • @INPROCEEDINGS{10.1007/978-3-030-73429-9_8,
        author={Junhui Yu and Chunlei Zhao and Wenbai Zheng and Yunlong Li and Chunxiang Zhang and Chao Chen},
        title={Android Malware Detection Using Ensemble Learning on Sensitive APIs},
        proceedings={Edge Computing and IoT: Systems, Management and Security. First EAI International Conference, ICECI 2020, Virtual Event, November 6, 2020, Proceedings},
        proceedings_a={ICECI},
        year={2021},
        month={7},
        keywords={Android Sensitive API Mutual information Malware detection},
        doi={10.1007/978-3-030-73429-9_8}
    }
    
  • Junhui Yu
    Chunlei Zhao
    Wenbai Zheng
    Yunlong Li
    Chunxiang Zhang
    Chao Chen
    Year: 2021
    Android Malware Detection Using Ensemble Learning on Sensitive APIs
    ICECI
    Springer
    DOI: 10.1007/978-3-030-73429-9_8
Junhui Yu¹, Chunlei Zhao¹, Wenbai Zheng¹, Yunlong Li¹, Chunxiang Zhang¹, Chao Chen¹
  • 1: Tianjin University of Technology

Abstract

In recent years, as mobile payment methods have quietly become popular, mobile terminal equipment has brought potential security problems along with the convenience it offers. Behavior-based Android malware detection is mostly based on permission analysis and API calls. In this paper, we propose a static Android malware detection scheme based on sensitive API calls. We extracted all APIs called in the experimental samples through decompilation, scored and ranked the threat associated with each API using a mutual information model, selected the top 20 sensitive API calls, and generated a 20-dimensional feature vector for each application. For classification, an ensemble learning model built on a decision tree (DT) classifier, a k-nearest neighbor (kNN) classifier and a support vector machine (SVM) classifier is used to detect unknown APK samples. We collected 516 benign samples and 528 malicious samples. Extensive experiments show that the accuracy of our scheme can reach 94% and the precision can reach 95%.
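The feature-selection step described in the abstract, as an added example that is not the paper's code: it scores each API by the mutual information between its presence in an app and the malware label, keeps the top k, and builds the per-app feature vector. Assumptions: features are binary (API present or absent), the sample apps and labels are constructed, and k is 2 here where the paper uses 20; the DT/kNN/SVM ensemble stage is not shown.

```python
import math
from collections import Counter

# Constructed sample: (APIs found in the decompiled app, label), 1 = malicious.
# The method names are real Android framework calls; apps and labels are made up.
SAMPLES = [
    ({"sendTextMessage", "getDeviceId", "setText"}, 1),
    ({"sendTextMessage", "getDeviceId", "openConnection"}, 1),
    ({"sendTextMessage", "setText", "openConnection"}, 1),
    ({"sendTextMessage", "getDeviceId", "setText"}, 1),
    ({"setText", "openConnection"}, 0),
    ({"setText", "getDeviceId"}, 0),
    ({"setText", "openConnection"}, 0),
    ({"setText"}, 0),
]

def mutual_information(samples, api):
    """I(X;Y) in bits, X = `api` present in the app, Y = malware label."""
    n = len(samples)
    joint = Counter((api in apis, label) for apis, label in samples)
    px, py = Counter(), Counter()
    for (x, y), count in joint.items():
        px[x] += count
        py[y] += count
    # Sum p(x,y) * log2(p(x,y) / (p(x) p(y))) over the observed cells only.
    return sum((c / n) * math.log2(c * n / (px[x] * py[y]))
               for (x, y), c in joint.items())

def rank_sensitive_apis(samples, k):
    """Return the k APIs with the highest mutual information, best first."""
    all_apis = set().union(*(apis for apis, _ in samples))
    scored = [(mutual_information(samples, api), api) for api in all_apis]
    scored.sort(key=lambda item: (-item[0], item[1]))  # ties broken by name
    return [api for _, api in scored[:k]]

def feature_vector(apis, selected):
    """Binary vector over the selected APIs; its length equals len(selected)."""
    return [1 if api in apis else 0 for api in selected]

if __name__ == "__main__":
    top = rank_sensitive_apis(SAMPLES, 2)
    print(top, feature_vector({"getDeviceId", "setText"}, top))
    # Mutual information ignores direction: setText appears in every benign
    # app here and still gets a non-zero score, so check which class an API
    # is associated with before calling it "sensitive".
    print(round(mutual_information(SAMPLES, "setText"), 3))
```

An API that is equally common in both classes (openConnection in this sample) scores 0 bits and drops to the bottom of the ranking.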