A Study on Android Malware Detection Using Machine Learning Algorithms

Today, Android has become the most popular operating system because of its salient features. As it is an open-source mobile OS, several developers are developing and publishing their android applications. On the other side, attackers are manipulating those applications in the form of malicious software (Malware) by leveraging the application or functional flow of android OS and those malwares create loss or leakage of confidential sensitive information. Though most anti-virus software affords defence against malware attacks, still the attacks are highly possible in the real time adversarial environment. In this paper, the machine learning-based detection method is designed by combining the features of application namely permission and activity which are obtained during the installation of apps. In our design, permissions and activities of each app are extracted making use of Androguard tool. Using this feature combination, malicious apps are classified as either benign or malicious. The advantage of this method is that there is no need for any dynamic analysis. In our experimentation, we used real-world app samples with 500 malware and 500 benign to train the algorithm for better performance. Based on the experimentation results, highest detection rate is attained by Random Forest (RF) with 95% of accuracy and lowest detection rate is obtained by K-Nearest Neighbors (KNN) with 79% of accuracy.