Research Article
Hybrid Detection Using Permission Analysis for Android Malware
@INPROCEEDINGS{10.1007/978-3-319-23829-6_40, author={Haofeng Jiao and Xiaohong Li and Lei Zhang and Guangquan Xu and Zhiyong Feng}, title={Hybrid Detection Using Permission Analysis for Android Malware}, proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I}, proceedings_a={SECURECOMM}, year={2015}, month={11}, keywords={Android Hybrid detection Euclidean distance Cosine similarity}, doi={10.1007/978-3-319-23829-6_40} }- Haofeng Jiao
Xiaohong Li
Lei Zhang
Guangquan Xu
Zhiyong Feng
Year: 2015
Hybrid Detection Using Permission Analysis for Android Malware
SECURECOMM
Springer
DOI: 10.1007/978-3-319-23829-6_40
Abstract
The growth of malicious applications poses a great threat to the Android platform. In order to detect Android malware, this paper proposes a hybrid detection method based on permission. Firstly, applications are detected according to their permissions so that benign and malicious applications can be discriminated. Secondly, suspicious applications are run in order to collect the function calls related to sensitive permissions. Then suspicious applications are represented in a vector space model and their feature vectors are calculated by TF-IDF algorithm. Finally, the detection of suspicious applications is completed via security detection techniques adopting Euclidean distance and cosine similarity. At the end of this paper, an experiment including 982 samples is used as an empirical validation. The result shows that our method has a true positive rate at 91.2 % and a false positive rate at 2.1 %.