FamDroid: Learning-Based Android Malware Family Classification Using Static Analysis

by Wenhao Fan, et al.

Android is currently the most widely used smartphone platform in the world. Owing to its popularity and open-source nature, Android malware has grown rapidly in recent years, bringing great risks to users' privacy. The applications in a malware family may have common features and similar behaviors, which are beneficial for malware detection and inspection. Thus, classifying Android malware into their corresponding families is an important task in malware analysis. At present, the main problems of existing research on Android malware family classification are that the extracted features are inadequate to represent the common behavior characteristics of the malware in a family, and that relying on a single classifier or a static ensemble classifier limits further improvement in classification accuracy. In this paper, we propose FamDroid, a learning-based Android malware family classification scheme using static analysis. In FamDroid, explicit features, including permissions, hardware components, app components, and intent filters, are extracted from the apk files of a malware application. In addition, a hidden feature generated from the extracted APIs is used to represent the API call relationship in the application. Then, we design an adaptive weighted ensemble classifier, which considers the adaptability of the sample to each base classifier, to carry out accurate malware family classification. We conducted experiments on the Drebin dataset, which contains 5560 malicious Android applications. The superiority of FamDroid is demonstrated by comparing it with 5 traditional machine learning models and 4 state-of-the-art reference schemes. FamDroid can correctly classify 98.92 99.12
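As an added illustration (not FamDroid's implementation or code from the paper), the following Python extracts the four explicit feature groups listed in the abstract from an AndroidManifest.xml that is assumed to be already decoded from the APK into text XML. The sample manifest, the function names and the `group::value` vector encoding are constructed for this example.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Constructed sample manifest (not from a real app or the Drebin dataset).
SAMPLE_MANIFEST = """<manifest package="com.example.sample"
    xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-feature android:name="android.hardware.telephony"/>
  <application>
    <activity android:name=".MainActivity">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <receiver android:name="BootReceiver">
      <intent-filter><action android:name="android.intent.action.BOOT_COMPLETED"/></intent-filter>
    </receiver>
    <service android:name="com.example.sample.SyncService"/>
  </application>
</manifest>"""


def extract_explicit_features(manifest_xml):
    """Return the four explicit feature sets named in the abstract."""
    # Samples are untrusted input: prefer a hardened parser such as defusedxml.
    root = ET.fromstring(manifest_xml)
    package = root.get("package", "")

    def name(el):
        return el.get(ANDROID + "name", "")

    def qualify(cls):
        # Android resolves ".Foo" and bare "Foo" relative to the package name.
        if cls.startswith("."):
            return package + cls
        return cls if "." in cls else f"{package}.{cls}"

    return {
        "permissions": sorted({name(e) for e in root.iter("uses-permission")}),
        "hardware": sorted({name(e) for e in root.iter("uses-feature")}),
        "components": sorted({f"{t}:{qualify(name(e))}" for t in COMPONENT_TAGS for e in root.iter(t)}),
        "intent_filters": sorted({name(a) for f in root.iter("intent-filter") for a in f.iter("action")}),
    }


def to_vector(features, vocabulary):
    """Binary vector over a fixed 'group::value' vocabulary (hypothetical encoding)."""
    present = {f"{g}::{v}" for g, vals in features.items() for v in vals}
    return [int(term in present) for term in vocabulary]
```

Component names are normalized to fully qualified class names so that the same component declared in relative and absolute form maps to one feature.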




