PLoS ONE (Jan 2021)

A static analysis approach for Android permission-based malware detection systems.

  • Juliza Mohamad Arif,
  • Mohd Faizal Ab Razak,
  • Suryanti Awang,
  • Sharfah Ratibah Tuan Mat,
  • Nor Syahidatul Nadiah Ismail,
  • Ahmad Firdaus

DOI
https://doi.org/10.1371/journal.pone.0257968
Journal volume & issue
Vol. 16, no. 9
p. e0257968

Abstract

Read online

The evolution of malware is causing mobile devices to crash with increasing frequency. Therefore, adequate security evaluations that detect Android malware are crucial. Two techniques can be used in this regard: Static analysis, which meticulously examines the full codes of applications, and dynamic analysis, which monitors malware behaviour. While both perform security evaluations successfully, there is still room for improvement. The goal of this research is to examine the effectiveness of static analysis to detect Android malware by using permission-based features. This study proposes machine learning with different sets of classifiers was used to evaluate Android malware detection. The feature selection method in this study was applied to determine which features were most capable of distinguishing malware. A total of 5,000 Drebin malware samples and 5,000 Androzoo benign samples were utilised. The performances of the different sets of classifiers were then compared. The results indicated that with a TPR value of 91.6%, the Random Forest algorithm achieved the highest level of accuracy in malware detection.