Android Malware Detection Through Machine Learning on Kernel Task Structures.

Xinning Wang, Chong Li
DOI: https://doi.org/10.1016/j.neucom.2020.12.088
IF: 6
2021-01-01
Neurocomputing
Abstract: With the advent of smartphones, the popularity of free Android applications has risen rapidly. This has led to malicious Android apps being installed unwittingly, which violate user privacy or carry out attacks. Malware detection on Android platforms is therefore a growing concern because of the undesirable similarity between malicious and benign behavior, which can slow detection and allow compromises to persist for comparatively long periods in infected phones. The first contribution of this paper is a multi-dimensional, kernel feature-based framework with feature weight-based detection (WBD), designed to categorize and understand the characteristics of Android malware and benign apps. Furthermore, our software agent is orchestrated and implemented for data collection and storage, scanning thousands of benign and malicious apps automatically. We examine 112 kernel attributes of the task data structure of executing processes in the Android system and evaluate detection accuracy on a number of datasets of various dimensions. We find that memory- and signal-related features contribute to more precise classification than schedule-related features and the other descriptors of task state listed in our paper. In particular, memory-related features provide fine-grained classification policies that preserve higher classification precision than signal-related and other features. Furthermore, we study and evaluate 80 new attributes of the Android kernel task structure, prioritizing the 70 most significant features through dimensionality reduction to optimize the efficiency of high-dimensional classification.
Our second contribution is experimental: compared to existing techniques that use a short list of task structure features (16 or 32 features), our method achieves 94%-98% accuracy and a 2%-7% false positive rate while detecting malware with reduced-dimensional features, which shortens online malware detection and improves offline malware inspection. (c) 2021 Elsevier B.V. All rights reserved.
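As an added illustration (not code from the paper), the script below shows how task_struct-derived attributes of the kind the abstract groups into memory-, signal- and schedule-related features can be harvested without a kernel module: the Linux/Android kernel exports many task_struct fields through /proc/<pid>/status, so a user-space agent on a rooted device can parse them into a fixed-order feature vector. The chosen field names, the constructed sample status text, the popcount encoding of signal masks and the variance filter (a generic stand-in, since the paper's own dimensionality reduction is not described here) are all assumptions.

```python
"""Harvest task_struct-derived features from /proc/<pid>/status (added example).

Signal masks (SigPnd, SigBlk, SigIgn, SigCgt) are hex bitmaps in which bit i
means signal i+1; memory counters are reported in kB. The grouping into
memory / signal / schedule mirrors the abstract's feature categories but the
exact field list is this example's assumption, not the paper's 112 attributes.
"""
import re

MEMORY_FIELDS = ("VmPeak", "VmSize", "VmRSS", "VmData", "VmStk",
                 "VmExe", "VmLib", "VmSwap", "RssAnon", "RssFile")
SIGNAL_FIELDS = ("SigPnd", "ShdPnd", "SigBlk", "SigIgn", "SigCgt")
SCHED_FIELDS = ("Threads", "voluntary_ctxt_switches",
                "nonvoluntary_ctxt_switches")

# Fixed feature order so every process yields a vector of the same shape.
FEATURE_ORDER = (list(MEMORY_FIELDS)
                 + ["SigQ_queued", "SigQ_limit"]
                 + [f + "_count" for f in SIGNAL_FIELDS]
                 + list(SCHED_FIELDS))

_KB = re.compile(r"^(\d+)\s*kB$")

# Constructed sample of a /proc/<pid>/status file (not captured from a real app).
SAMPLE_STATUS = """\
Name:\tcom.example.app
State:\tS (sleeping)
Pid:\t1234
VmPeak:\t 1853440 kB
VmSize:\t 1798044 kB
VmRSS:\t  156788 kB
VmData:\t  403200 kB
VmStk:\t    8192 kB
VmExe:\t      20 kB
VmLib:\t  121500 kB
VmSwap:\t    1024 kB
Threads:\t42
SigQ:\t3/15000
SigPnd:\t0000000000000000
ShdPnd:\t0000000000000100
SigBlk:\t0000000000001000
SigIgn:\t0000000000000006
SigCgt:\t00000002000084f8
voluntary_ctxt_switches:\t9876
nonvoluntary_ctxt_switches:\t123
"""


def decode_sigmask(hexmask):
    """Return the sorted signal numbers set in a procfs hex signal mask."""
    mask = int(hexmask, 16)
    return [bit + 1 for bit in range(mask.bit_length()) if (mask >> bit) & 1]


def parse_status(text):
    """Parse status text into {'memory': {...}, 'signal': {...}, 'schedule': {...}}."""
    groups = {"memory": {}, "signal": {}, "schedule": {}}
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, _, raw = line.partition(":")
        key, raw = key.strip(), raw.strip()
        if key in MEMORY_FIELDS:
            m = _KB.match(raw)
            if m:
                groups["memory"][key] = int(m.group(1))
        elif key == "SigQ":                      # "queued/limit"
            queued, _, limit = raw.partition("/")
            groups["signal"]["SigQ_queued"] = int(queued)
            groups["signal"]["SigQ_limit"] = int(limit)
        elif key in SIGNAL_FIELDS:               # encode mask as popcount
            groups["signal"][key + "_count"] = len(decode_sigmask(raw))
        elif key in SCHED_FIELDS:
            groups["schedule"][key] = int(raw)
    return groups


def feature_vector(groups):
    """Flatten parsed groups into FEATURE_ORDER; absent fields become 0.0."""
    flat = {}
    for g in groups.values():
        flat.update(g)
    return [float(flat.get(name, 0.0)) for name in FEATURE_ORDER]


def collect_live(pid):
    """Read a live process; only works on Linux/Android with procfs and
    sufficient privilege to read the target's status file."""
    with open(f"/proc/{pid}/status", encoding="ascii", errors="replace") as fh:
        return parse_status(fh.read())


def rank_by_variance(vectors):
    """Feature indices ordered by descending variance over a sample set;
    constant (zero-variance) features are dropped. A simple filter used here
    only to illustrate pruning a high-dimensional task-structure vector."""
    n, dim = len(vectors), len(vectors[0])
    scored = []
    for j in range(dim):
        col = [v[j] for v in vectors]
        mean = sum(col) / n
        var = sum((x - mean) ** 2 for x in col) / n
        if var > 0:
            scored.append((var, j))
    return [j for _, j in sorted(scored, key=lambda t: -t[0])]


if __name__ == "__main__":
    parsed = parse_status(SAMPLE_STATUS)
    print(parsed)
    print(dict(zip(FEATURE_ORDER, feature_vector(parsed))))
```

On a real device the agent would call `collect_live(pid)` periodically for every app under test and append the vectors to the dataset; note that RssAnon/RssFile are only present on newer kernels, which is why absent fields map to 0.0 rather than raising, and that a large ShdPnd/SigPnd popcount for a process that should be idle is exactly the kind of signal-related anomaly the abstract reports as discriminative.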