Abstract
Many new unknown malwares aimed at compromising smartphones are created constantly. These widely used smartphones are very dependent on anti-virus solutions due to their limited resources. To update the anti-virus signature repository, anti-virus vendors must deal with vast quantities of new applications daily in order to identify new unknown malwares. Machine learning algorithms have been used to address this task, yet they must also be efficiently updated on a daily basis. To improve detection and updatability, we introduce a new framework, “ALDROID” and active learning (AL) methods on which ALDROID is based. Our methods are aimed at selecting only new informative applications (benign and especially malicious), thus reducing the labeling efforts of security experts, and enable a frequent and efficient process of enhancing the framework’s detection model and Android’s anti-virus software. Results indicate that our AL methods outperformed other solutions including the existing AL method and heuristic engine. Our AL methods acquired the largest number and percentage of new malwares, while preserving the detection models’ detection capabilities (high TPR and low FPR rates). Specifically, our methods acquired more than double the amount of new malwares acquired by the heuristic engine and 6.5 times more malwares than the existing AL method.
Similar content being viewed by others
References
Abou-Assaleh T, Cercone N, Keselj V, Sweidan R (2004) N-gram based detection of new malicious code. In: Proceedings of the 28th annual international computer software and applications conference (COMPSAC’04)
Andriatsimandefitra R, Geller S, Tong VVT (2012) Designing information flow policies for Android’s operating system. In: 2012 IEEE International conference on communications (ICC), 10–15 June 2012, pp 976–981
Angluin D (1988) Queries and concept learning. Mach Learn 2:319–342
Apvrille A, Strazzere T (2012) Reducing the window of opportunity for Android malware Gotta catch ’em all. J Comput Virol 8(1–2):61–71
Baram Y, El-Yaniv R, Luz K (2004) Online choice of active learning algorithms. J Mach Learn Res 5:255–291
Batyuk L, Herpich M, Camtepe SA, Raddatz K, Schmidt A, Albayrak S (2011) Using static analysis for automatic assessment and mitigation of unwanted and malicious activities within Android applications. In: 2011 6th International conference on malicious and unwanted software (MALWARE), 18–19 October 2009, pp 66–72
Bläsing T, Batyuk L, Schmidt A-D, Camtepe SA, Albayrak S (2010) An Android Application Sandbox system for suspicious software detection. In: 2010 5th International conference on malicious and unwanted software (MALWARE), 19–20 October 2010, pp 55–62
Bulygin Y (2007) Epidemics of mobile worms. In: Proceedings of the 26th IEEE international performance computing and communications conference, IPCCC 2007, April 11–13, 2007, New Orleans, Louisiana, USA. IEEE Computer Society, pp 475–478
Burges CJC (1988) A tutorial on support vector machines for pattern recognition. Data Min Knowl Discov 2:121–167
Chang CC, Lin C-J (2001) LIBSVM: a library for support vector machines. http://www.csie.ntu.edu.tw/cjlin/libsvm
Dagon D, Martin T, Starner T (2004) Mobile phones as computing devices: the viruses are coming! IEEE Pervasive Comput 3(4):11–15
Desnos A (2013) (Visited June 2013) Androguard reverse engineering tool. http://code.google.com/p/androguard/
Fawcett T (2003) ROC graphs: notes and practical considerations for researchers. Technical report, HPL-2003-4, HP Laboratories
Ham H-S, Choi M-J (2013) Analysis of Android malware detection performance using machine learning classifiers. In: 2013 International conference on ICT Convergence (ICTC). IEEE
Hand DJ, Till RJ (2001) A simple generalisation of the area under the ROC curve for multiple class classification problems. Mach Learn 45:171–186
Henchiri O, Japkowicz N (2006) A feature selection and evaluation scheme for computer virus detection. In: Proceedings of ICDM-2006, Hong Kong, pp 891–895
Herbrich R, Graepel T, Campbell C (2001) Bayes point machines. J Mach Learn Res 1:245–279. doi:10.1162/153244301753683717
http://docs.oracle.com/javase/tutorial/security/apisign/gensig.html
http://jon.oberheide.org/applications/summercon12-bouncer.pdf
http://www.securelist.com/en/analysis/204792250/IT_Threat_Evolution_Q3_2012
http://www.strazzere.com/papers/DexEducation-PracticingSafeDex.pdf
http://www.symantec.com/security_response/writeup.jsp?docid=2003-011711-1226-99
Ikinci A, Holz T, Freiling FC (2008) Monkey-spider: detecting malicious websites with low-interaction honeyclients. In: Sicherheit, pp 407–421
Kiem H, Thuy NT, Quang TMN (2004) A machine learning approach to anti-virus system (2004) Joint workshop of Vietnamese society of AI, SIGKBS-JSAI, ICS-IPSJ and IEICE-SIGAI on active mining, Hanoi-Vietnam, 4–7 December 2004, pp 61–65
Kolter JZ, Maloof MA (2004) Learning to detect malicious executables in the wild. In: Proceedings of the tenth ACM SIGKDD international conference on knowledge discovery and data mining. ACM Press, New York, NY, pp 470–478
Kolter J, Maloof M (2006) Learning to detect and classify malicious executables in the wild. J Mach Learn Res 7:2721–2744
Leavitt N (2005) Mobile phones: the next frontier for hackers? Computer 38(4):20–23
Lewis D, Gale W (1994) A sequential algorithm for training text classifiers. In: Proceedings of the seventeenth annual international ACM-SIGIR conference on research and development in information retrieval. Springer, pp 3–12
Lin Y-D, Lai Y-C, Chen C-H, Tsai H-C (2013) Identifying android malicious repackaged applications by thread-grained system call sequences. Comput Secur 39(Part B):340–350. doi:10.1016/j.cose.2013.08.010
Luoshi Z, Yan N, Xiao W, Zhaoguo W, Yibo X (2013) A3: automatic analysis of Android malware. In: 1st International workshop on cloud computing and information security. Atlantis Press, November 2013
Mansfield-Devine S (2012) Android malware and mitigations. Netw Secur 2012(11):12–20. doi:10.1016/S1353-4858(12)70104-6
Masud M, Khan L, Thuraisingham B (2007) Feature based techniques for auto-detection of novel email worms. In: Advances in knowledge discovery and data mining
Mokube I, Adams M (2007) Honeypots: concepts, approaches, and challenges. In: ACMSE 2007. Winston-Salem, North Carolina, USA, 23–24 March, pp 321–325
Moskovitch R, Stopel D, Feher C, Nissim N, Japkowicz N, Elovici Y (2009) Unknown malcode detection and the imbalance problem. J Comput Virol 5(4):295–308
Moskovitch R, Nissim N, Elovici Y (2008) Acquisition of malicious code using active learning. In; 2nd ACM SIGKDD international workshop on privacy, security, and trust in KDD, PinKDD08, Springer, Lectures Notes in Computer Sciences, Las Vegas, USA, vol 5456, 25 August 2008, pp 74–91
Moskovitch R, Nissim N, Elovici Y (2009) Malicious code detection using active learning. In: Privacy, security, and trust in KDD, pp 74–91
Moskovitch R, Nissim N, Englert R, Elovici Y (2008) Detection of unknown computer worms activity using active learning. In: The 11th International conference on information fusion, Cologne, Germany, June 30–July 3
Moskovitch R, Stopel D, Feher C, Nissim N, Elovici Y (2008) Unknown malcode detection via text categorization and the imbalance problem. In: IEEE intelligence and security informatics (ISI08), Taiwan
Nissim N, Moskovitch R, Rokach L, Elovici Y (2012) Detecting unknown computer worm activity via support vector machines and active learning. Pattern Anal Appl 15:459–475
Nissim N, Cohen A, Glezer C, Elovici Y (2015) Detection of malicious PDF files and directions for enhancements: a state-of-the art survey. Comput Secur 48:246–266. doi:10.1016/j.cose.2014.10.014
Nissim N, Boland MR, Moskovitch R, Tatonetti NP, Elovici Y, Shahar Y, Hripcsak G (2015) An active learning framework for efficient condition severity classification. In: Artificial intelligence in medicine. Springer International Publishing (AIME-15), pp 13–24
Nissim N, Borland M, Moskovitch R, Tatonetti N, Elovici Y, Shahar Y, Hripcsak G (2014) An active learning enhancement for conditions severity classification. In: ACM KDD on workshop on connected health at big data era, NYC, USA
Nissim N, Cohen A, Moskovitch R, Shabtai A, Edry M, Bar-Ad O, Elovici Y (2014) ALPD: active learning framework for enhancing the detection of malicious PDF files. In: Intelligence and security informatics conference (JISIC), 2014 IEEE joint. IEEE, September 2014, pp 91–98
Nissim N, Moskovitch R, Rokach L, Elovici Y (2014) Novel active learning methods for enhanced PC malware detection in windows OS. Expert Syst Appl 41(13):5843–5857
Oberheide J, Cooke E, Jahanian F (2008) Cloudav: N-version antivirus in the network cloud. In: Proceedings of the 17th USENIX security symposium (Security’08), San Jose, CA, July 2008
Oberheide J, Miller J (2012) Dissecting the android bouncer. SummerCon2012, New York
Peng H, Gates C, Sarma B, Li N, Qi A, Potharaju R, Nita-Rotaru C, Molloy I (2012) Using probabilistic generative models for ranking risks of Android Apps. In: Proceedings of ACM CCS
Piercy M (2004) Embedded devices next on the virus target list. IEEE Electron Syst Softw 2:42–43
Provos N, Holz T (2008) Virtual honeypots: from botnet tracking to intrusion detection. Addison-Wesley, Upper Saddle River
Rastogi V, Chen Y, Jiang X (2013) DroidChameleon: evaluating Android anti-malware against transformation attacks. Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security. ACM
Sanz B, Santos I, Galán-García P, Laorden C, Ugarte-Pedrero X, Bringas PG, Alvarez PUMA G (2012) Permission Usage to detect Malware in Android. In: Proceedings of the 5th international conference on computational intelligence in security for information systems (CISIS). Ostrava (Czech Republic), 5–7 September 2012
Sanz B, Santos I, Laorden C, Ugarte-Pedrero X, Bringas PG (2012) On the automatic categorisation of android applications. In: 2012 IEEE Consumer communications and networking conference (CCNC), 14–17 January, pp 149–153
Sarma B, Li N, Gates C, Potharaju R, Nita-Rotaru C (2012) Android permissions: a perspective combining risks and benefits. In: Proceedings of SACMAT
Schmidt A-D, Bye R, Schmidt H-G, Clausen J, Kiraz O, Yuksel KA, Camtepe SA, Albayrak S (2009) Static analysis of executables for collaborative malware detection on Android. In: IEEE international conference on communications, 2009 ICC’09, 14–18 June 2009, pp 1–5
Schmidt A-D, Schmidt H-G, Batyuk L, Clausen JH, Camtepe SA, Albayrak S, Yildizli C (2009) Smartphone malware evolution revisited: android next target? In: 2009 4th International conference on malicious and unwanted software (MALWARE), 13–14 October 2009, pp 1–7
Schultz M, Eskin E, Zadok E, Stolfo S (2001) Data mining methods for detection of new malicious executables. In: Proceedings of the IEEE symposium on security and privacy, pp 178–184
Seo S-H, Gupta A, Sallam AM, Bertino E, Yim K (2014) Detecting mobile malware threats to homeland security through static analysis. J Netw Comput Appl 38:43–53. doi:10.1016/j.jnca.2013.05.008
Shabtai A, Fledel Y, Kanonov U, Elovici Y, Dolev S, Glezer C (2010) Google android: a comprehensive security assessment. IEEE Secur Priv 2:35–44
Shabtai A, Fledel Y, Elovici Y (2010) Automated static code analysis for classifying Android applications using machine learning. In: 2010 International conference on computational intelligence and security (CIS), 11–14 December 2010, pp 329–333
Shabtai A, Tenenboim-Chekina L, Mimran D, Rokach L, Shapira, B, Elovici Y (2014) Mobile malware detection through analysis of deviations in application network behavior. Comput Secur 43:1–18
Shih DH, Lin B, Chiang HS, Shih MH (2008) Security aspects of mobile phone virus: a critical survey. Ind Manag Data Syst 108(4):478–494
Suarez-Tangil G et al (2014) Dendroid: a text mining approach to analyzing and classifying code structures in Android malware families. Expert Syst Appl 41(4):1104–1117
Tahan G, Rokach L, Shahar Y (2012) Mal-ID: automatic malware detection using common segment analysis and meta-features. J Mach Learn Res 13:949–979
Tong S, Koller D (2000–2001) Support vector machine active learning with applications to text classification. J Mach Learn Res 2:45–66
Wang X, Yu W, Champion A, Fu X, Xuan D (2007) Worms via mining dynamic program execution. In: Security and privacy in communications networks and the workshops, 2007. SecureComm 2007. Third international conference security and privacy in communication networks and the workshops, SecureComm, pp 412–421
Yu ZHU, Wang X-C, Shen H-B (2008) Detection method of computer worms based on SVM. Mech Electr Eng Mag 8
Zhang Y et al (2013) Vetting undesirable behaviors in android apps with permission use analysis. In: Proceedings of the 2013 ACM SIGSAC conference on computer & communications security. ACM
Zhao M, Zhang T, Ge F, Yuan Z (2012) RobotDroid: a lightweight malware detection framework on smartphones. JNW 7(4):715–722
Zhao W, Long J, Yin J, Cai Z, Xia G-M (2012) Sampling attack against active learning in adversarial environment. In: MDAI, pp 222–233
Zheng M, Lee PPC, Lui JCS (2013) Adam: an automatic and extensible platform to stress test android anti-virus systems. In: Detection of intrusions and malware, and vulnerability assessment. Springer, Berlin, Heidelberg, pp 82–101
Zhou Y et al (2012) Hey, you, get off of my market: detecting malicious apps in official and alternative android markets. In: Proceedings of the 19th annual network and distributed system security symposium
Zhou Y, Jiang X (2012) Dissecting android malware: characterization and evolution. In: 2012 IEEE symposium on security and privacy (SP). IEEE, pp 95–109, May 2012
Zhou W, Zhou Y, Jiang X, Ning P (2012) Detecting repackaged smartphone applications in third-party Android marketplaces. In: Proceedings of the second ACM conference on data and application security and privacy. ACM, pp 317–326
Acknowledgments
This research was partly supported by the National Cyber Bureau of the Israeli Ministry of Science, Technology and Space.
Author information
Authors and Affiliations
Corresponding author
Appendix
Appendix
List of features we used:
number_of_activities
number_of_services
number_of_recivers
number_of_permissions
number_of_providers
man_is_meta_data
perm_android.intent.category.MASTER_CLEAR.permission.C2D_MESSAGE
perm_android.permission.ACCESS_ALL_EXTERNAL_STORAGE
perm_android.permission.ACCESS_CACHE_FILESYSTEM
perm_android.permission.ACCESS_CHECKIN_PROPERTIES
perm_android.permission.ACCESS_COARSE_LOCATION
perm_android.permission.ACCESS_CONTENT_PROVIDERS_EXTERNALLY
perm_android.permission.ACCESS_FINE_LOCATION
perm_android.permission.ACCESS_LOCATION_EXTRA_COMMANDS
perm_android.permission.ACCESS_MOCK_LOCATION
perm_android.permission.ACCESS_MTP
perm_android.permission.ACCESS_NETWORK_STATE
perm_android.permission.ACCESS_SURFACE_FLINGER
perm_android.permission.ACCESS_WIFI_STATE
perm_android.permission.ACCESS_WIMAX_STATE
perm_android.permission.ACCOUNT_MANAGER
perm_android.permission.ALLOW_ANY_CODEC_FOR_PLAYBACK
perm_android.permission.ASEC_ACCESS
perm_android.permission.ASEC_CREATE
perm_android.permission.ASEC_DESTROY
perm_android.permission.ASEC_MOUNT_UNMOUNT
perm_android.permission.ASEC_RENAME
perm_android.permission.AUTHENTICATE_ACCOUNTS
perm_android.permission.BACKUP
perm_android.permission.BATTERY_STATS
perm_android.permission.BIND_ACCESSIBILITY_SERVICE
perm_android.permission.BIND_APPWIDGET
perm_android.permission.BIND_DEVICE_ADMIN
perm_android.permission.BIND_DIRECTORY_SEARCH
perm_android.permission.BIND_INPUT_METHOD
perm_android.permission.BIND_KEYGUARD_APPWIDGET
perm_android.permission.BIND_PACKAGE_VERIFIER
perm_android.permission.BIND_REMOTEVIEWS
perm_android.permission.BIND_TEXT_SERVICE
perm_android.permission.BIND_VPN_SERVICE
perm_android.permission.BIND_WALLPAPER
perm_android.permission.BLUETOOTH
perm_android.permission.BLUETOOTH_ADMIN
perm_android.permission.BLUETOOTH_STACK
perm_android.permission.BRICK
perm_android.permission.BROADCAST_PACKAGE_REMOVED
perm_android.permission.BROADCAST_SMS
perm_android.permission.BROADCAST_STICKY
perm_android.permission.BROADCAST_WAP_PUSH
perm_android.permission.CALL_PHONE
perm_android.permission.CALL_PRIVILEGED
perm_android.permission.CAMERA
perm_android.permission.CHANGE_BACKGROUND_DATA_SETTING
perm_android.permission.CHANGE_COMPONENT_ENABLED_STATE
perm_android.permission.CHANGE_CONFIGURATION
perm_android.permission.CHANGE_NETWORK_STATE
perm_android.permission.CHANGE_WIFI_MULTICAST_STATE
perm_android.permission.CHANGE_WIFI_STATE
perm_android.permission.CHANGE_WIMAX_STATE
perm_android.permission.CLEAR_APP_CACHE
perm_android.permission.CLEAR_APP_USER_DATA
perm_android.permission.CONFIGURE_WIFI_DISPLAY
perm_android.permission.CONFIRM_FULL_BACKUP
perm_android.permission.CONNECTIVITY_INTERNAL
perm_android.permission.CONTROL_LOCATION_UPDATES
perm_android.permission.CONTROL_WIFI_DISPLAY
perm_android.permission.COPY_PROTECTED_DATA
perm_android.permission.CRYPT_KEEPER
perm_android.permission.DELETE_CACHE_FILES
perm_android.permission.DELETE_PACKAGES
perm_android.permission.DEVICE_POWER
perm_android.permission.DIAGNOSTIC
perm_android.permission.DISABLE_KEYGUARD
perm_android.permission.DUMP
perm_android.permission.EXPAND_STATUS_BAR
perm_android.permission.FACTORY_TEST
perm_android.permission.FILTER_EVENTS
perm_android.permission.FLASHLIGHT
perm_android.permission.FORCE_BACK
perm_android.permission.FORCE_STOP_PACKAGES
perm_android.permission.FREEZE_SCREEN
perm_android.permission.GET_ACCOUNTS
perm_android.permission.GET_DETAILED_TASKS
perm_android.permission.GET_PACKAGE_SIZE
perm_android.permission.GET_TASKS
perm_android.permission.GLOBAL_SEARCH
perm_android.permission.GLOBAL_SEARCH_CONTROL
perm_android.permission.GRANT_REVOKE_PERMISSIONS
perm_android.permission.HARDWARE_TEST
perm_android.permission.INJECT_EVENTS
perm_android.permission.INSTALL_LOCATION_PROVIDER
perm_android.permission.INSTALL_PACKAGES
perm_android.permission.INTERACT_ACROSS_USERS
perm_android.permission.INTERACT_ACROSS_USERS_FULL
perm_android.permission.INTERNAL_SYSTEM_WINDOW
perm_android.permission.INTERNET
perm_android.permission.KILL_BACKGROUND_PROCESSES
perm_android.permission.MAGNIFY_DISPLAY
perm_android.permission.MANAGE_ACCOUNTS
perm_android.permission.MANAGE_APP_TOKENS
perm_android.permission.MANAGE_NETWORK_POLICY
perm_android.permission.MANAGE_USB
perm_android.permission.MANAGE_USERS
perm_android.permission.MASTER_CLEAR
perm_android.permission.MODIFY_APPWIDGET_BIND_PERMISSIONS
perm_android.permission.MODIFY_AUDIO_SETTINGS
perm_android.permission.MODIFY_NETWORK_ACCOUNTING
perm_android.permission.MODIFY_PHONE_STATE
perm_android.permission.MOUNT_FORMAT_FILESYSTEMS
perm_android.permission.MOUNT_UNMOUNT_FILESYSTEMS
perm_android.permission.MOVE_PACKAGE
perm_android.permission.NET_ADMIN
perm_android.permission.NET_TUNNELING
perm_android.permission.NFC
perm_android.permission.PACKAGE_USAGE_STATS
perm_android.permission.PACKAGE_VERIFICATION_AGENT
perm_android.permission.PERFORM_CDMA_PROVISIONING
perm_android.permission.PERSISTENT_ACTIVITY
perm_android.permission.PROCESS_OUTGOING_CALLS
perm_android.permission.READ_CALENDAR
perm_android.permission.READ_CALL_LOG
perm_android.permission.READ_CELL_BROADCASTS
perm_android.permission.READ_CONTACTS
perm_android.permission.READ_DREAM_STATE
perm_android.permission.READ_EXTERNAL_STORAGE
perm_android.permission.READ_FRAME_BUFFER
perm_android.permission.READ_INPUT_STATE
perm_android.permission.READ_LOGS
perm_android.permission.READ_NETWORK_USAGE_HISTORY
perm_android.permission.READ_PHONE_STATE
perm_android.permission.READ_PRIVILEGED_PHONE_STATE
perm_android.permission.READ_PROFILE
perm_android.permission.READ_SMS
perm_android.permission.READ_SOCIAL_STREAM
perm_android.permission.READ_SYNC_SETTINGS
perm_android.permission.READ_SYNC_STATS
perm_android.permission.READ_USER_DICTIONARY
perm_android.permission.REBOOT
perm_android.permission.RECEIVE_BOOT_COMPLETED
perm_android.permission.RECEIVE_DATA_ACTIVITY_CHANGE
perm_android.permission.RECEIVE_EMERGENCY_BROADCAST
perm_android.permission.RECEIVE_MMS
perm_android.permission.RECEIVE_SMS
perm_android.permission.RECEIVE_WAP_PUSH
perm_android.permission.RECORD_AUDIO
perm_android.permission.REMOTE_AUDIO_PLAYBACK
perm_android.permission.REMOVE_TASKS
perm_android.permission.REORDER_TASKS
perm_android.permission.RESTART_PACKAGES
perm_android.permission.RETRIEVE_WINDOW_CONTENT
perm_android.permission.RETRIEVE_WINDOW_INFO
perm_android.permission.SEND_SMS
perm_android.permission.SEND_SMS_NO_CONFIRMATION
perm_android.permission.SERIAL_PORT
perm_android.permission.SET_ACTIVITY_WATCHER
perm_android.permission.SET_ALWAYS_FINISH
perm_android.permission.SET_ANIMATION_SCALE
perm_android.permission.SET_DEBUG_APP
perm_android.permission.SET_KEYBOARD_LAYOUT
perm_android.permission.SET_ORIENTATION
perm_android.permission.SET_POINTER_SPEED
perm_android.permission.SET_PREFERRED_APPLICATIONS
perm_android.permission.SET_PROCESS_LIMIT
perm_android.permission.SET_SCREEN_COMPATIBILITY
perm_android.permission.SET_TIME
perm_android.permission.SET_TIME_ZONE
perm_android.permission.SET_WALLPAPER
perm_android.permission.SET_WALLPAPER_COMPONENT
perm_android.permission.SET_WALLPAPER_HINTS
perm_android.permission.SHUTDOWN
perm_android.permission.SIGNAL_PERSISTENT_PROCESSES
perm_android.permission.START_ANY_ACTIVITY
perm_android.permission.STATUS_BAR
perm_android.permission.STATUS_BAR_SERVICE
perm_android.permission.STOP_APP_SWITCHES
perm_android.permission.SUBSCRIBED_FEEDS_READ
perm_android.permission.SUBSCRIBED_FEEDS_WRITE
perm_android.permission.SYSTEM_ALERT_WINDOW
perm_android.permission.TEMPORARY_ENABLE_ACCESSIBILITY
perm_android.permission.UPDATE_DEVICE_STATS
perm_android.permission.UPDATE_LOCK
perm_android.permission.USE_CREDENTIALS
perm_android.permission.USE_SIP
perm_android.permission.VIBRATE
perm_android.permission.WAKE_LOCK
perm_android.permission.WRITE_APN_SETTINGS
perm_android.permission.WRITE_CALENDAR
perm_android.permission.WRITE_CALL_LOG
perm_android.permission.WRITE_CONTACTS
perm_android.permission.WRITE_DREAM_STATE
perm_android.permission.WRITE_EXTERNAL_STORAGE
perm_android.permission.WRITE_GSERVICES
perm_android.permission.WRITE_MEDIA_STORAGE
perm_android.permission.WRITE_PROFILE
perm_android.permission.WRITE_SECURE_SETTINGS
perm_android.permission.WRITE_SETTINGS
perm_android.permission.WRITE_SMS
perm_android.permission.WRITE_SOCIAL_STREAM
perm_android.permission.WRITE_SYNC_SETTINGS
perm_android.permission.WRITE_USER_DICTIONARY
perm_com.android.alarm.permission.SET_ALARM
perm_com.android.browser.permission.READ_HISTORY_BOOKMARKS
perm_com.android.browser.permission.WRITE_HISTORY_BOOKMARKS
perm_com.android.voicemail.permission.ADD_VOICEMAIL
perm_com.fede.launcher.permission.READ_SETTINGS
perm_com.htc.launcher.permission.READ_SETTINGS
perm_com.lge.launcher.permission.INSTALL_SHORTCUT
perm_com.lge.launcher.permission.READ_SETTINGS
perm_com.motorola.dlauncher.permission.INSTALL_SHORTCUT
perm_com.motorola.dlauncher.permission.READ_SETTINGS
perm_com.motorola.launcher.permission.INSTALL_SHORTCUT
perm_com.motorola.launcher.permission.READ_SETTINGS
perm_org.adw.launcher.permission.READ_SETTINGS
number_of_classes
number_of_classes_1-5
number_of_classes_5-10
number_of_classes_10-15
number_of_classes_15+
dex_strings_count
dex_activities
dex_services
dex_recivers
dex_bouncycastle_use
dex_opengl_use
dex_crypto_use
dex_man_diff_Activities
dex_man_diff_Services
dex_man_diff_Recivers
Rights and permissions
About this article
Cite this article
Nissim, N., Moskovitch, R., BarAd, O. et al. ALDROID: efficient update of Android anti-virus software using designated active learning methods. Knowl Inf Syst 49, 795–833 (2016). https://doi.org/10.1007/s10115-016-0918-z
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10115-016-0918-z