Abstract
Since Google unveiled the Android OS for smartphones, malware has been thriving along the 3Vs, i.e. volume, velocity and variety. A recent report indicates that one out of every five business/industry mobile applications leaks sensitive personal data. Traditional signature- and heuristic-based malware detection systems are unable to cope with current malware challenges, which threatens the Android ecosystem. Researchers have therefore recently started exploring malware detection systems based on machine learning and deep learning. In this paper, we perform a comprehensive feature analysis to identify the significant Android permissions and propose an efficient Android malware detection system using machine learning and deep neural networks. We constructed a set of 16 permissions (\(8\%\) of the total set), derived from variance threshold, auto-encoders, and principal component analysis, to build a malware detection engine that requires less training and testing time without significant compromise on model accuracy. Our experimental results show that the Android malware detection model based on the random forest classifier is the most balanced and achieves the highest area under curve score of \(97.7\%\), which is better than the current state-of-the-art systems. We also observed that deep neural networks attain accuracy comparable to the baseline results, but with a massive computational penalty.
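The variance-threshold step named in the abstract can be illustrated on binary permission features. This is an added example, not the paper's code; the sample apps, the 0.15 threshold and the function names are assumptions, and the auto-encoder, PCA and classifier stages are not shown.

```python
# Variance-threshold filtering of Android permission features.
# Each app is the set of permissions it requests; as a binary feature a
# permission requested by a fraction p of apps has variance p * (1 - p).
# Permissions requested by almost all or almost no apps carry little signal.

PREFIX = "android.permission."

# Constructed sample (not data from the paper): permission sets as they
# would be read from <uses-permission> entries in AndroidManifest.xml.
APPS = [
    {"INTERNET", "SEND_SMS", "READ_CONTACTS"},
    {"INTERNET", "READ_SMS", "SEND_SMS"},
    {"INTERNET", "CAMERA"},
    {"INTERNET", "ACCESS_FINE_LOCATION"},
    {"INTERNET", "SEND_SMS", "READ_SMS", "READ_CONTACTS"},
    {"INTERNET"},
    {"INTERNET", "READ_CONTACTS", "SET_WALLPAPER"},
    {"INTERNET", "SEND_SMS", "CAMERA"},
]


def permission_variances(apps):
    """Return {permission: variance} over all permissions seen in apps."""
    n = len(apps)
    variances = {}
    for perm in sorted(set().union(*apps)):
        p = sum(perm in app for app in apps) / n
        variances[perm] = p * (1.0 - p)
    return variances


def select_permissions(apps, threshold):
    """Keep permissions whose variance is strictly above threshold."""
    variances = permission_variances(apps)
    return [perm for perm, var in sorted(variances.items()) if var > threshold]


def to_feature_vector(app, selected):
    """Project one app onto the reduced permission set (1 = requested)."""
    return [1 if perm in app else 0 for perm in selected]


if __name__ == "__main__":
    kept = select_permissions(APPS, threshold=0.15)  # threshold is assumed
    total = len(permission_variances(APPS))
    print(f"kept {len(kept)} of {total} permissions:")
    for perm in kept:
        print("  " + PREFIX + perm)
    print("first app ->", to_feature_vector(APPS[0], kept))
```

INTERNET is requested by every sample app, so its variance is zero and it is dropped even though it is the most common permission.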
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
Cite this paper
Rathore, H., Sahay, S.K., Rajvanshi, R., Sewak, M. (2021). Identification of Significant Permissions for Efficient Android Malware Detection. In: Gao, H., J. Durán Barroso, R., Shanchen, P., Li, R. (eds) Broadband Communications, Networks, and Systems. BROADNETS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 355. Springer, Cham. https://doi.org/10.1007/978-3-030-68737-3_3
DOI: https://doi.org/10.1007/978-3-030-68737-3_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-68736-6
Online ISBN: 978-3-030-68737-3
eBook Packages: Computer Science, Computer Science (R0)