Skip to main content
SpringerLink
Log in

ALDROID: efficient update of Android anti-virus software using designated active learning methods

  • Regular Paper
  • Published:
Knowledge and Information Systems Aims and scope Submit manuscript

Abstract

Many new unknown malwares aimed at compromising smartphones are created constantly. These widely used smartphones are very dependent on anti-virus solutions due to their limited resources. To update the anti-virus signature repository, anti-virus vendors must deal with vast quantities of new applications daily in order to identify new unknown malwares. Machine learning algorithms have been used to address this task, yet they must also be efficiently updated on a daily basis. To improve detection and updatability, we introduce a new framework, “ALDROID” and active learning (AL) methods on which ALDROID is based. Our methods are aimed at selecting only new informative applications (benign and especially malicious), thus reducing the labeling efforts of security experts, and enable a frequent and efficient process of enhancing the framework’s detection model and Android’s anti-virus software. Results indicate that our AL methods outperformed other solutions including the existing AL method and heuristic engine. Our AL methods acquired the largest number and percentage of new malwares, while preserving the detection models’ detection capabilities (high TPR and low FPR rates). Specifically, our methods acquired more than double the amount of new malwares acquired by the heuristic engine and 6.5 times more malwares than the existing AL method.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

Notes

  1. www.ise.bgu.ac.il/engineering/PersonalWebSite1main.aspx?id=VMidijue.

References

  1. Abou-Assaleh T, Cercone N, Keselj V, Sweidan R (2004) N-gram based detection of new malicious code. In: Proceedings of the 28th annual international computer software and applications conference (COMPSAC’04)

  2. Andriatsimandefitra R, Geller S, Tong VVT (2012) Designing information flow policies for Android’s operating system. In: 2012 IEEE International conference on communications (ICC), 10–15 June 2012, pp 976–981

  3. Angluin D (1988) Queries and concept learning. Mach Learn 2:319–342

    MathSciNet  Google Scholar 

  4. Apvrille A, Strazzere T (2012) Reducing the window of opportunity for Android malware Gotta catch ’em all. J Comput Virol 8(1–2):61–71

    Article  Google Scholar 

  5. Baram Y, El-Yaniv R, Luz K (2004) Online choice of active learning algorithms. J Mach Learn Res 5:255–291

    MathSciNet  Google Scholar 

  6. Batyuk L, Herpich M, Camtepe SA, Raddatz K, Schmidt A, Albayrak S (2011) Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications. In: 2011 6th International conference on malicious and unwanted software (MALWARE), 18–19 October 2009, pp 66–72

  7. Bläsing T, Batyuk L, Schmidt A-D, Camtepe SA, Albayrak S (2010) An Android Application Sandbox system for suspicious software detection. In: 2010 5th International conference on malicious and unwanted software (MALWARE), 19–20 October 2010, pp 55–62

  8. Bulygin Y (2007) Epidemics of mobile worms. In: Proceedings of the 26th IEEE international performance computing and communications conference, IPCCC 2007, April 11–13, 2007, New Orleans, Louisiana, USA. IEEE Computer Society, pp 475–478

  9. Burges CJC (1988) A tutorial on support vector machines for pattern recognition. Data Min Knowl Discov 2:121–167

    Article  Google Scholar 

  10. Chang CC, Lin C-J (2001) LIBSVM: a library for support vector machines. http://www.csie.ntu.edu.tw/cjlin/libsvm

  11. Dagon D, Martin T, Starner T (2004) Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Comput 3(4):11–15

  12. Desnos A (2013) (Visited June 2013) Androguard reverse engineering tool. http://code.google.com/p/androguard/

  13. Fawcett T (2003) ROC graphs: notes and practical considerations for researchers. Technical report, HPL-2003-4, HP Laboratories

  14. Ham H-S, Choi M-J (2013) Analysis of Android malware detection performance using machine learning classifiers. In: 2013 International conference on ICT Convergence (ICTC). IEEE

  15. Hand DJ, Till RJ (2001) A simple generalisation of the area under the ROC curve for multiple class classification problems. Mach Learn 45:171–186

    Article  MATH  Google Scholar 

  16. Henchiri O, Japkowicz N (2006) A feature selection and evaluation scheme for computer virus detection. In: Proceedings of ICDM-2006, Hong Kong, pp 891–895

  17. Herbrich R, Graepel T, Campbell C (2001) Bayes point machines. J Mach Learn Res 1:245–279. doi:10.1162/153244301753683717

    MathSciNet  MATH  Google Scholar 

  18. http://code.google.com/p/smali/

  19. http://code.google.com/p/xml-apk-parser/

  20. http://contagiominidump.blogspot.co.il/

  21. http://docs.oracle.com/javase/tutorial/security/apisign/gensig.html

  22. http://jon.oberheide.org/applications/summercon12-bouncer.pdf

  23. http://source.android.com/tech/dalvik/dex-format.html

  24. http://www.avgmobilation.com/

  25. http://www.csc.ncsu.edu/faculty/jiang/DroidKungFu.html

  26. http://www.malgenomeproject.org/

  27. http://www.securelist.com/en/analysis/204792250/IT_Threat_Evolution_Q3_2012

  28. http://www.strazzere.com/papers/DexEducation-PracticingSafeDex.pdf

  29. http://www.symantec.com/security_response/writeup.jsp?docid=2003-011711-1226-99

  30. https://blog.lookout.com/blog/2011/03/01/security-alert-malware-found-in-official-android-market-droiddream/

  31. https://blog.lookout.com/_media/Geinimi_Trojan_Teardown.pdf

  32. https://www.virustotal.com/

  33. Ikinci A, Holz T, Freiling FC (2008) Monkey-spider: detecting malicious websites with low-interaction honeyclients. In: Sicherheit, pp 407–421

  34. Kiem H, Thuy NT, Quang TMN (2004) A machine learning approach to anti-virus system (2004) Joint workshop of Vietnamese society of AI, SIGKBS-JSAI, ICS-IPSJ and IEICE-SIGAI on active mining, Hanoi-Vietnam, 4–7 December 2004, pp 61–65

  35. Kolter JZ, Maloof MA (2004) Learning to detect malicious executables in the wild. In: Proceedings of the tenth ACM SIGKDD international conference on knowledge discovery and data mining. ACM Press, New York, NY, pp 470–478

  36. Kolter J, Maloof M (2006) Learning to detect and classify malicious executables in the wild. J Mach Learn Res 7:2721–2744

    MathSciNet  MATH  Google Scholar 

  37. Leavitt N (2005) Mobile phones: the next frontier for hackers? Computer 38(4):20–23

    Article  Google Scholar 

  38. Lewis D, Gale W (1994) A sequential algorithm for training text classifiers. In: Proceedings of the seventeenth annual international ACM-SIGIR conference on research and development in information retrieval. Springer, pp 3–12

  39. Lin Y-D, Lai Y-C, Chen C-H, Tsai H-C (2013) Identifying android malicious repackaged applications by thread-grained system call sequences. Comput Secur 39(Part B):340–350. doi:10.1016/j.cose.2013.08.010

    Article  Google Scholar 

  40. Luoshi Z, Yan N, Xiao W, Zhaoguo W, Yibo X (2013) A3: automatic analysis of Android malware. In: 1st International workshop on cloud computing and information security. Atlantis Press, November 2013

  41. Mansfield-Devine S (2012) Android malware and mitigations. Netw Secur 2012(11):12–20. doi:10.1016/S1353-4858(12)70104-6

    Article  Google Scholar 

  42. Masud M, Khan L, Thuraisingham B (2007) Feature based techniques for auto-detection of novel email worms. In: Advances in knowledge discovery and data mining

  43. Mokube I, Adams M (2007) Honeypots: concepts, approaches, and challenges. In: ACMSE 2007. Winston-Salem, North Carolina, USA, 23–24 March, pp 321–325

  44. Moskovitch R, Stopel D, Feher C, Nissim N, Japkowicz N, Elovici Y (2009) Unknown malcode detection and the imbalance problem. J Comput Virol 5(4):295–308

    Article  Google Scholar 

  45. Moskovitch R, Nissim N, Elovici Y (2008) Acquisition of malicious code using active learning. In; 2nd ACM SIGKDD international workshop on privacy, security, and trust in KDD, PinKDD08, Springer, Lectures Notes in Computer Sciences, Las Vegas, USA, vol 5456, 25 August 2008, pp 74–91

  46. Moskovitch R, Nissim N, Elovici Y (2009) Malicious code detection using active learning. In: Privacy, security, and trust in KDD, pp 74–91

  47. Moskovitch R, Nissim N, Englert R, Elovici Y (2008) Detection of unknown computer worms activity using active learning. In: The 11th International conference on information fusion, Cologne, Germany, June 30–July 3

  48. Moskovitch R, Stopel D, Feher C, Nissim N, Elovici Y (2008) Unknown malcode detection via text categorization and the imbalance problem. In: IEEE intelligence and security informatics (ISI08), Taiwan

  49. Nissim N, Moskovitch R, Rokach L, Elovici Y (2012) Detecting unknown computer worm activity via support vector machines and active learning. Pattern Anal Appl 15:459–475

    Article  MathSciNet  Google Scholar 

  50. Nissim N, Cohen A, Glezer C, Elovici Y (2015) Detection of malicious PDF files and directions for enhancements: a state-of-the art survey. Comput Secur 48:246–266. doi:10.1016/j.cose.2014.10.014

    Article  Google Scholar 

  51. Nissim N, Boland MR, Moskovitch R, Tatonetti NP, Elovici Y, Shahar Y, Hripcsak G (2015) An active learning framework for efficient condition severity classification. In: Artificial intelligence in medicine. Springer International Publishing (AIME-15), pp 13–24

  52. Nissim N, Borland M, Moskovitch R, Tatonetti N, Elovici Y, Shahar Y, Hripcsak G (2014) An active learning enhancement for conditions severity classification. In: ACM KDD on workshop on connected health at big data era, NYC, USA

  53. Nissim N, Cohen A, Moskovitch R, Shabtai A, Edry M, Bar-Ad O, Elovici Y (2014) ALPD: active learning framework for enhancing the detection of malicious PDF files. In: Intelligence and security informatics conference (JISIC), 2014 IEEE joint. IEEE, September 2014, pp 91–98

  54. Nissim N, Moskovitch R, Rokach L, Elovici Y (2014) Novel active learning methods for enhanced PC malware detection in windows OS. Expert Syst Appl 41(13):5843–5857

  55. Oberheide J, Cooke E, Jahanian F (2008) Cloudav: N-version antivirus in the network cloud. In: Proceedings of the 17th USENIX security symposium (Security’08), San Jose, CA, July 2008

  56. Oberheide J, Miller J (2012) Dissecting the android bouncer. SummerCon2012, New York

  57. Peng H, Gates C, Sarma B, Li N, Qi A, Potharaju R, Nita-Rotaru C, Molloy I (2012) Using probabilistic generative models for ranking risks of Android Apps. In: Proceedings of ACM CCS

  58. Piercy M (2004) Embedded devices next on the virus target list. IEEE Electron Syst Softw 2:42–43

    Article  Google Scholar 

  59. Provos N, Holz T (2008) Virtual honeypots: from botnet tracking to intrusion detection. Addison-Wesley, Upper Saddle River

    Google Scholar 

  60. Rastogi V, Chen Y, Jiang X (2013) DroidChameleon: evaluating Android anti-malware against transformation attacks. Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security. ACM

  61. Sanz B, Santos I, Galán-García P, Laorden C, Ugarte-Pedrero X, Bringas PG, Alvarez PUMA G (2012) Permission Usage to detect Malware in Android. In: Proceedings of the 5th international conference on computational intelligence in security for information systems (CISIS). Ostrava (Czech Republic), 5–7 September 2012

  62. Sanz B, Santos I, Laorden C, Ugarte-Pedrero X, Bringas PG (2012) On the automatic categorisation of android applications. In: 2012 IEEE Consumer communications and networking conference (CCNC), 14–17 January, pp 149–153

  63. Sarma B, Li N, Gates C, Potharaju R, Nita-Rotaru C (2012) Android permissions: a perspective combining risks and benefits. In: Proceedings of SACMAT

  64. Schmidt A-D, Bye R, Schmidt H-G, Clausen J, Kiraz O, Yuksel KA, Camtepe SA, Albayrak S (2009) Static analysis of executables for collaborative malware detection on Android. In: IEEE international conference on communications, 2009 ICC’09, 14–18 June 2009, pp 1–5

  65. Schmidt A-D, Schmidt H-G, Batyuk L, Clausen JH, Camtepe SA, Albayrak S, Yildizli C (2009) Smartphone malware evolution revisited: android next target? In: 2009 4th International conference on malicious and unwanted software (MALWARE), 13–14 October 2009, pp 1–7

  66. Schultz M, Eskin E, Zadok E, Stolfo S (2001) Data mining methods for detection of new malicious executables. In: Proceedings of the IEEE symposium on security and privacy, pp 178–184

  67. Seo S-H, Gupta A, Sallam AM, Bertino E, Yim K (2014) Detecting mobile malware threats to homeland security through static analysis. J Netw Comput Appl 38:43–53. doi:10.1016/j.jnca.2013.05.008

    Article  Google Scholar 

  68. Shabtai A, Fledel Y, Kanonov U, Elovici Y, Dolev S, Glezer C (2010) Google android: a comprehensive security assessment. IEEE Secur Priv 2:35–44

    Article  Google Scholar 

  69. Shabtai A, Fledel Y, Elovici Y (2010) Automated static code analysis for classifying Android applications using machine learning. In: 2010 International conference on computational intelligence and security (CIS), 11–14 December 2010, pp 329–333

  70. Shabtai A, Tenenboim-Chekina L, Mimran D, Rokach L, Shapira, B, Elovici Y (2014) Mobile malware detection through analysis of deviations in application network behavior. Comput Secur 43:1–18

  71. Shih DH, Lin B, Chiang HS, Shih MH (2008) Security aspects of mobile phone virus: a critical survey. Ind Manag Data Syst 108(4):478–494

    Article  Google Scholar 

  72. Suarez-Tangil G et al (2014) Dendroid: a text mining approach to analyzing and classifying code structures in Android malware families. Expert Syst Appl 41(4):1104–1117

    Article  Google Scholar 

  73. Tahan G, Rokach L, Shahar Y (2012) Mal-ID: automatic malware detection using common segment analysis and meta-features. J Mach Learn Res 13:949–979

    MathSciNet  MATH  Google Scholar 

  74. Tong S, Koller D (2000–2001) Support vector machine active learning with applications to text classification. J Mach Learn Res 2:45–66

  75. Wang X, Yu W, Champion A, Fu X, Xuan D (2007) Worms via mining dynamic program execution. In: Security and privacy in communications networks and the workshops, 2007. SecureComm 2007. Third international conference security and privacy in communication networks and the workshops, SecureComm, pp 412–421

  76. Yu ZHU, Wang X-C, Shen H-B (2008) Detection method of computer worms based on SVM. Mech Electr Eng Mag 8

  77. Zhang Y et al (2013) Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the 2013 ACM SIGSAC conference on computer & communications security. ACM

  78. Zhao M, Zhang T, Ge F, Yuan Z (2012) RobotDroid: a lightweight malware detection framework on smartphones. JNW 7(4):715–722

    Article  Google Scholar 

  79. Zhao W, Long J, Yin J, Cai Z, Xia G-M (2012) Sampling attack against active learning in adversarial environment. In: MDAI, pp 222–233

  80. Zheng M, Lee PPC, Lui JCS (2013) Adam: an automatic and extensible platform to stress test android anti-virus systems. In: Detection of intrusions and malware, and vulnerability assessment. Springer, Berlin, Heidelberg, pp 82–101

  81. Zhou Y et al (2012) Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In: Proceedings of the 19th annual network and distributed system security symposium

  82. Zhou Y, Jiang X (2012) Dissecting android malware: characterization and evolution. In: 2012 IEEE symposium on security and privacy (SP). IEEE, pp 95–109, May 2012

  83. Zhou W, Zhou Y, Jiang X, Ning P (2012) Detecting repackaged smartphone applications in third-party Android marketplaces. In: Proceedings of the second ACM conference on data and application security and privacy. ACM, pp 317–326

Download references

Acknowledgments

This research was partly supported by the National Cyber Bureau of the Israeli Ministry of Science, Technology and Space.

Author information

Authors and Affiliations

  1. Ben Gurion University of the Negev, Beersheba, Israel

    Nir Nissim, Oren BarAd, Lior Rokach & Yuval Elovici

  2. Columbia University, New York, NY, USA

    Robert Moskovitch

Authors
  1. Nir Nissim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Robert Moskovitch
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Oren BarAd
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lior Rokach
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Yuval Elovici
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nir Nissim.

Appendix

Appendix

List of features we used:

number_of_activities

number_of_services

number_of_recivers

number_of_permissions

number_of_providers

man_is_meta_data

perm_android.intent.category.MASTER_CLEAR.permission.C2D_MESSAGE

perm_android.permission.ACCESS_ALL_EXTERNAL_STORAGE

perm_android.permission.ACCESS_CACHE_FILESYSTEM

perm_android.permission.ACCESS_CHECKIN_PROPERTIES

perm_android.permission.ACCESS_COARSE_LOCATION

perm_android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY

perm_android.permission.ACCESS_FINE_LOCATION

perm_android.permission.ACCESS_LOCATION_EXTRA_COMMANDS

perm_android.permission.ACCESS_MOCK_LOCATION

perm_android.permission.ACCESS_MTP

perm_android.permission.ACCESS_NETWORK_STATE

perm_android.permission.ACCESS_SURFACE_FLINGER

perm_android.permission.ACCESS_WIFI_STATE

perm_android.permission.ACCESS_WIMAX_STATE

perm_android.permission.ACCOUNT_MANAGER

perm_android.permission.ALLOW_ANY_CODEC_FOR_PLAYBACK

perm_android.permission.ASEC_ACCESS

perm_android.permission.ASEC_CREATE

perm_android.permission.ASEC_DESTROY

perm_android.permission.ASEC_MOUNT_UNMOUNT

perm_android.permission.ASEC_RENAME

perm_android.permission.AUTHENTICATE_ACCOUNTS

perm_android.permission.BACKUP

perm_android.permission.BATTERY_STATS

perm_android.permission.BIND_ACCESSIBILITY_SERVICE

perm_android.permission.BIND_APPWIDGET

perm_android.permission.BIND_DEVICE_ADMIN

perm_android.permission.BIND_DIRECTORY_SEARCH

perm_android.permission.BIND_INPUT_METHOD

perm_android.permission.BIND_KEYGUARD_APPWIDGET

perm_android.permission.BIND_PACKAGE_VERIFIER

perm_android.permission.BIND_REMOTEVIEWS

perm_android.permission.BIND_TEXT_SERVICE

perm_android.permission.BIND_VPN_SERVICE

perm_android.permission.BIND_WALLPAPER

perm_android.permission.BLUETOOTH

perm_android.permission.BLUETOOTH_ADMIN

perm_android.permission.BLUETOOTH_STACK

perm_android.permission.BRICK

perm_android.permission.BROADCAST_PACKAGE_REMOVED

perm_android.permission.BROADCAST_SMS

perm_android.permission.BROADCAST_STICKY

perm_android.permission.BROADCAST_WAP_PUSH

perm_android.permission.CALL_PHONE

perm_android.permission.CALL_PRIVILEGED

perm_android.permission.CAMERA

perm_android.permission.CHANGE_BACKGROUND_DATA_SETTING

perm_android.permission.CHANGE_COMPONENT_ENABLED_STATE

perm_android.permission.CHANGE_CONFIGURATION

perm_android.permission.CHANGE_NETWORK_STATE

perm_android.permission.CHANGE_WIFI_MULTICAST_STATE

perm_android.permission.CHANGE_WIFI_STATE

perm_android.permission.CHANGE_WIMAX_STATE

perm_android.permission.CLEAR_APP_CACHE

perm_android.permission.CLEAR_APP_USER_DATA

perm_android.permission.CONFIGURE_WIFI_DISPLAY

perm_android.permission.CONFIRM_FULL_BACKUP

perm_android.permission.CONNECTIVITY_INTERNAL

perm_android.permission.CONTROL_LOCATION_UPDATES

perm_android.permission.CONTROL_WIFI_DISPLAY

perm_android.permission.COPY_PROTECTED_DATA

perm_android.permission.CRYPT_KEEPER

perm_android.permission.DELETE_CACHE_FILES

perm_android.permission.DELETE_PACKAGES

perm_android.permission.DEVICE_POWER

perm_android.permission.DIAGNOSTIC

perm_android.permission.DISABLE_KEYGUARD

perm_android.permission.DUMP

perm_android.permission.EXPAND_STATUS_BAR

perm_android.permission.FACTORY_TEST

perm_android.permission.FILTER_EVENTS

perm_android.permission.FLASHLIGHT

perm_android.permission.FORCE_BACK

perm_android.permission.FORCE_STOP_PACKAGES

perm_android.permission.FREEZE_SCREEN

perm_android.permission.GET_ACCOUNTS

perm_android.permission.GET_DETAILED_TASKS

perm_android.permission.GET_PACKAGE_SIZE

perm_android.permission.GET_TASKS

perm_android.permission.GLOBAL_SEARCH

perm_android.permission.GLOBAL_SEARCH_CONTROL

perm_android.permission.GRANT_REVOKE_PERMISSIONS

perm_android.permission.HARDWARE_TEST

perm_android.permission.INJECT_EVENTS

perm_android.permission.INSTALL_LOCATION_PROVIDER

perm_android.permission.INSTALL_PACKAGES

perm_android.permission.INTERACT_ACROSS_USERS

perm_android.permission.INTERACT_ACROSS_USERS_FULL

perm_android.permission.INTERNAL_SYSTEM_WINDOW

perm_android.permission.INTERNET

perm_android.permission.KILL_BACKGROUND_PROCESSES

perm_android.permission.MAGNIFY_DISPLAY

perm_android.permission.MANAGE_ACCOUNTS

perm_android.permission.MANAGE_APP_TOKENS

perm_android.permission.MANAGE_NETWORK_POLICY

perm_android.permission.MANAGE_USB

perm_android.permission.MANAGE_USERS

perm_android.permission.MASTER_CLEAR

perm_android.permission.MODIFY_APPWIDGET_BIND_PERMISSIONS

perm_android.permission.MODIFY_AUDIO_SETTINGS

perm_android.permission.MODIFY_NETWORK_ACCOUNTING

perm_android.permission.MODIFY_PHONE_STATE

perm_android.permission.MOUNT_FORMAT_FILESYSTEMS

perm_android.permission.MOUNT_UNMOUNT_FILESYSTEMS

perm_android.permission.MOVE_PACKAGE

perm_android.permission.NET_ADMIN

perm_android.permission.NET_TUNNELING

perm_android.permission.NFC

perm_android.permission.PACKAGE_USAGE_STATS

perm_android.permission.PACKAGE_VERIFICATION_AGENT

perm_android.permission.PERFORM_CDMA_PROVISIONING

perm_android.permission.PERSISTENT_ACTIVITY

perm_android.permission.PROCESS_OUTGOING_CALLS

perm_android.permission.READ_CALENDAR

perm_android.permission.READ_CALL_LOG

perm_android.permission.READ_CELL_BROADCASTS

perm_android.permission.READ_CONTACTS

perm_android.permission.READ_DREAM_STATE

perm_android.permission.READ_EXTERNAL_STORAGE

perm_android.permission.READ_FRAME_BUFFER

perm_android.permission.READ_INPUT_STATE

perm_android.permission.READ_LOGS

perm_android.permission.READ_NETWORK_USAGE_HISTORY

perm_android.permission.READ_PHONE_STATE

perm_android.permission.READ_PRIVILEGED_PHONE_STATE

perm_android.permission.READ_PROFILE

perm_android.permission.READ_SMS

perm_android.permission.READ_SOCIAL_STREAM

perm_android.permission.READ_SYNC_SETTINGS

perm_android.permission.READ_SYNC_STATS

perm_android.permission.READ_USER_DICTIONARY

perm_android.permission.REBOOT

perm_android.permission.RECEIVE_BOOT_COMPLETED

perm_android.permission.RECEIVE_DATA_ACTIVITY_CHANGE

perm_android.permission.RECEIVE_EMERGENCY_BROADCAST

perm_android.permission.RECEIVE_MMS

perm_android.permission.RECEIVE_SMS

perm_android.permission.RECEIVE_WAP_PUSH

perm_android.permission.RECORD_AUDIO

perm_android.permission.REMOTE_AUDIO_PLAYBACK

perm_android.permission.REMOVE_TASKS

perm_android.permission.REORDER_TASKS

perm_android.permission.RESTART_PACKAGES

perm_android.permission.RETRIEVE_WINDOW_CONTENT

perm_android.permission.RETRIEVE_WINDOW_INFO

perm_android.permission.SEND_SMS

perm_android.permission.SEND_SMS_NO_CONFIRMATION

perm_android.permission.SERIAL_PORT

perm_android.permission.SET_ACTIVITY_WATCHER

perm_android.permission.SET_ALWAYS_FINISH

perm_android.permission.SET_ANIMATION_SCALE

perm_android.permission.SET_DEBUG_APP

perm_android.permission.SET_KEYBOARD_LAYOUT

perm_android.permission.SET_ORIENTATION

perm_android.permission.SET_POINTER_SPEED

perm_android.permission.SET_PREFERRED_APPLICATIONS

perm_android.permission.SET_PROCESS_LIMIT

perm_android.permission.SET_SCREEN_COMPATIBILITY

perm_android.permission.SET_TIME

perm_android.permission.SET_TIME_ZONE

perm_android.permission.SET_WALLPAPER

perm_android.permission.SET_WALLPAPER_COMPONENT

perm_android.permission.SET_WALLPAPER_HINTS

perm_android.permission.SHUTDOWN

perm_android.permission.SIGNAL_PERSISTENT_PROCESSES

perm_android.permission.START_ANY_ACTIVITY

perm_android.permission.STATUS_BAR

perm_android.permission.STATUS_BAR_SERVICE

perm_android.permission.STOP_APP_SWITCHES

perm_android.permission.SUBSCRIBED_FEEDS_READ

perm_android.permission.SUBSCRIBED_FEEDS_WRITE

perm_android.permission.SYSTEM_ALERT_WINDOW

perm_android.permission.TEMPORARY_ENABLE_ACCESSIBILITY

perm_android.permission.UPDATE_DEVICE_STATS

perm_android.permission.UPDATE_LOCK

perm_android.permission.USE_CREDENTIALS

perm_android.permission.USE_SIP

perm_android.permission.VIBRATE

perm_android.permission.WAKE_LOCK

perm_android.permission.WRITE_APN_SETTINGS

perm_android.permission.WRITE_CALENDAR

perm_android.permission.WRITE_CALL_LOG

perm_android.permission.WRITE_CONTACTS

perm_android.permission.WRITE_DREAM_STATE

perm_android.permission.WRITE_EXTERNAL_STORAGE

perm_android.permission.WRITE_GSERVICES

perm_android.permission.WRITE_MEDIA_STORAGE

perm_android.permission.WRITE_PROFILE

perm_android.permission.WRITE_SECURE_SETTINGS

perm_android.permission.WRITE_SETTINGS

perm_android.permission.WRITE_SMS

perm_android.permission.WRITE_SOCIAL_STREAM

perm_android.permission.WRITE_SYNC_SETTINGS

perm_android.permission.WRITE_USER_DICTIONARY

perm_com.android.alarm.permission.SET_ALARM

perm_com.android.browser.permission.READ_HISTORY_BOOKMARKS

perm_com.android.browser.permission.WRITE_HISTORY_BOOKMARKS

perm_com.android.voicemail.permission.ADD_VOICEMAIL

perm_com.fede.launcher.permission.READ_SETTINGS

perm_com.htc.launcher.permission.READ_SETTINGS

perm_com.lge.launcher.permission.INSTALL_SHORTCUT

perm_com.lge.launcher.permission.READ_SETTINGS

perm_com.motorola.dlauncher.permission.INSTALL_SHORTCUT

perm_com.motorola.dlauncher.permission.READ_SETTINGS

perm_com.motorola.launcher.permission.INSTALL_SHORTCUT

perm_com.motorola.launcher.permission.READ_SETTINGS

perm_org.adw.launcher.permission.READ_SETTINGS

number_of_classes

number_of_classes_1-5

number_of_classes_5-10

number_of_classes_10-15

number_of_classes_15+

dex_strings_count

dex_activities

dex_services

dex_recivers

dex_bouncycastle_use

dex_opengl_use

dex_crypto_use

dex_man_diff_Activities

dex_man_diff_Services

dex_man_diff_Recivers

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Nissim, N., Moskovitch, R., BarAd, O. et al. ALDROID: efficient update of Android anti-virus software using designated active learning methods. Knowl Inf Syst 49, 795–833 (2016). https://doi.org/10.1007/s10115-016-0918-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10115-016-0918-z

Keywords

Search

Navigation