Combining Static Permissions and Dynamic Packet Analysis to Improve Android Malware Detection

Yung Ching Shyong, Tzung Han Jeng, Yi Ming Chen

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

13 Scopus citations

Abstract

Nowadays Android smart mobile devices have become the main target of malware developers, so detecting and preventing Android malware has become an important issue of information security. Therefore, this paper proposes an Android application classification system that combines static permissions and dynamic packet analysis. This system first obtains the static information of Android applications through static analysis, classifies the applications as benign or malicious through machine learning, and avoids excessive dynamic data collection time by filtering out benign applications. Then in the dynamic analysis stage, the malware's network traffic is used to extract multiple types of features, and then machine learning is used to achieve the malware family classification. The experimental results showed that the accuracy rate of the static model for malicious and benign classification was 98.86%. On the other hand, the accuracy of the dynamic model proposed in this paper for family classification of applications is 96%, which is better than 94.33% of DroidClassifier [1]. The final experiment confirmed that the system proposed in this paper can not only save 52.5% of dynamic data collection time but also improve the accuracy of Android application family classification.

Original languageEnglish
Title of host publication2020 2nd International Conference on Computer Communication and the Internet, ICCCI 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages75-81
Number of pages7
ISBN (Electronic)9781728158006
DOIs
StatePublished - Jun 2020
Event2nd International Conference on Computer Communication and the Internet, ICCCI 2020 - Nagoya, Japan
Duration: 26 Jun 202029 Jun 2020

Publication series

Name2020 2nd International Conference on Computer Communication and the Internet, ICCCI 2020

Conference

Conference2nd International Conference on Computer Communication and the Internet, ICCCI 2020
Country/TerritoryJapan
CityNagoya
Period26/06/2029/06/20

Keywords

  • Android malware detection
  • application family classification
  • dynamic analysis
  • static analysis

Fingerprint

Dive into the research topics of 'Combining Static Permissions and Dynamic Packet Analysis to Improve Android Malware Detection'. Together they form a unique fingerprint.

Cite this