
Permission-Based Feature Scaling Method for Lightweight Android Malware Detection

  • Conference paper
Knowledge Science, Engineering and Management (KSEM 2019)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 11775)

Abstract

Android has gained the highest market share in the mobile ecosystem due to its openness and portability. However, users have suffered from serious security issues in recent years. Many malicious Android applications are released in popular app stores, and it is hard to distinguish them. Most current malware detection research focuses on collecting as many features as possible for better performance instead of mining the information inside simple features. Scaling is an effective means of improving classification results, but scaling the features for a large bundle of apps remains challenging. In this paper, we propose Permission Feature Selection (PFS), a malware detection method based on Machine Learning (ML) that uses permission usage analysis to cope with the rapid increase in Android malware. PFS uses Android permissions as a classification feature with high utilization. The method greatly shortens detection time without reducing detection accuracy and makes it possible to scan large-scale samples in a short time. In addition, various experiments were designed on real-world datasets to verify the reliability of the method. The evaluation results show that the proposed method performed better than other feature scaling methods, with 91.2% accuracy and the average time cost reduced to less than 2 s.

This work was supported in part by the National Key Research and Development Program of China, Key Technologies for High Security Mobile Terminals (Grant No. 2017YFB0801903), and the Youth Star project of the Institute of Information Engineering, CAS (No. Y8YS016104).




Author information

Corresponding author

Correspondence to Tong Xi.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Zhu, D., Xi, T. (2019). Permission-Based Feature Scaling Method for Lightweight Android Malware Detection. In: Douligeris, C., Karagiannis, D., Apostolou, D. (eds) Knowledge Science, Engineering and Management. KSEM 2019. Lecture Notes in Computer Science, vol 11775. Springer, Cham. https://doi.org/10.1007/978-3-030-29551-6_63

  • DOI: https://doi.org/10.1007/978-3-030-29551-6_63

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-29550-9

  • Online ISBN: 978-3-030-29551-6

  • eBook Packages: Computer Science (R0)
