Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Wei Wang; Meichen Zhao; Zhenzhen Gao; Guangquan Xu; Hequn Xian; Yuanyuan Li; Xiangliang Zhang

doi:10.1109/ACCESS.2019.2918139

IEEE Access (Jan 2019)

Constructing Features for Detecting Android Malicious Applications: Issues, Taxonomy and Directions

Wei Wang,
Meichen Zhao,
Zhenzhen Gao,
Guangquan Xu,
Hequn Xian,
Yuanyuan Li,
Xiangliang Zhang

Affiliations

Wei Wang: ORCiD; Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, Beijing Jiaotong University, Beijing, China
Meichen Zhao: Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, Beijing Jiaotong University, Beijing, China
Zhenzhen Gao: Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, Beijing Jiaotong University, Beijing, China
Guangquan Xu: ORCiD; Tianjin Key Laboratory of Advanced Networking (TANK), College of Intelligence and Computing, Tianjin University, Tianjin, China
Hequn Xian: College of Computer Science and Technology, Qingdao University, Qingdao, China
Yuanyuan Li: Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, Beijing Jiaotong University, Beijing, China
Xiangliang Zhang: Division of Computer, Electrical and Mathematical Sciences and Engineering, King Abdullah University of Science and Technology (KAUST), Thuwal, Saudi Arabia

DOI: https://doi.org/10.1109/ACCESS.2019.2918139
Journal volume & issue: Vol. 7
pp. 67602 – 67631

Abstract

Read online

The number of applications (apps) available for smart devices or Android based IoT (Internet of Things) has surged dramatically over the past few years. Meanwhile, the volume of ill-designed or malicious apps (malapps) has been growing explosively. To ensure the quality and security of the apps in the markets, many approaches have been proposed in recent years to discriminate malapps from benign ones. Machine learning is usually utilized in classification process. Accurately characterizing apps' behaviors, or so-called features, directly affects the detection results with machine learning algorithms. Android apps evolve very fast. The size of current apps has become increasingly large and the behaviors of apps have become increasingly complicated. The extracting effective and representative features from apps is thus an ongoing challenge. Although many types of features have been extracted in existing work, to the best of our knowledge, no work has systematically surveyed the features constructed for detecting Android malapps. In this paper, we are motivated to provide a clear and comprehensive survey of the state-of-the-art work that detects malapps by characterizing behaviors of apps with various types of features. Through the designed criteria, we collect a total of 1947 papers in which 236 papers are used for the survey with four dimensions: the features extracted, the feature selection methods employed if any, the detection methods used, and the scale of evaluation performed. Based on our in-depth survey, we highlight the issues of exploring effective features from apps, provide the taxonomy of these features and indicate the future directions.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords