DroidAPIMiner: Mining API-level features for robust malware detection in android

Yousra Aafer, Wenliang Du, Heng Yin

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

321 Scopus citations

Abstract

The increasing popularity of Android apps makes them the target of malware authors. To defend against this severe increase in Android malware and help users make a better evaluation of apps at install time, several approaches have been proposed. However, most of these solutions suffer from some shortcomings: they are computationally expensive, not general, or not robust enough. In this paper, we aim to mitigate Android malware installation by providing robust and lightweight classifiers. We have conducted a thorough analysis to extract features relevant to malware behavior captured at the API level, and evaluated different classifiers using the generated feature set. Our results show that we are able to achieve an accuracy as high as 99% and a false positive rate as low as 2.2% using a KNN classifier.

Original language: English (US)
Title of host publication: Security and Privacy in Communication Networks - 9th International ICST Conference, SecureComm 2013, Revised Selected Papers
Editors: Tanveer Zia, Albert Zomaya, Vijay Varadharajan, Morley Mao
Publisher: Springer Verlag
Pages: 86-103
Number of pages: 18
ISBN (Print): 9783319042824
DOI: https://doi.org/10.1007/978-3-319-04283-1_6
State: Published - Jan 1 2013
Event: 9th International Conference on Security and Privacy in Communication Networks, SecureComm 2013 - Sydney, Australia
Duration: Sep 25 2013 - Sep 28 2013

Publication series

Name: Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume: 127 LNICST
ISSN (Print): 1867-8211

Other

Other: 9th International Conference on Security and Privacy in Communication Networks, SecureComm 2013
Country: Australia
City: Sydney
Period: 9/25/13 - 9/28/13

Keywords

  • Android
  • Classification
  • Malware
  • Static detection

ASJC Scopus subject areas

  • Computer Networks and Communications

  • Cite this

    Aafer, Y., Du, W., & Yin, H. (2013). DroidAPIMiner: Mining API-level features for robust malware detection in android. In T. Zia, A. Zomaya, V. Varadharajan, & M. Mao (Eds.), Security and Privacy in Communication Networks - 9th International ICST Conference, SecureComm 2013, Revised Selected Papers (pp. 86-103). (Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST; Vol. 127 LNICST). Springer Verlag. https://doi.org/10.1007/978-3-319-04283-1_6