Efficient Android Malware Scanner Using Hybrid Analysis
K.A. Dhanya¹, T. Gireesh Kumar²
¹ K.A. Dhanya, TIFAC-CORE, Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham Coimbatore (Tamil Nadu), India.
² T. Gireesh Kumar, TIFAC-CORE, Cyber Security, Amrita School of Engineering, Amrita Vishwa Vidyapeetham Coimbatore (Tamil Nadu), India.
Manuscript received on 22 April 2019 | Revised Manuscript received on 01 May 2019 | Manuscript Published on 08 May 2019 | PP: 76-80 | Volume-7 Issue-5S3 February 2019 | Retrieval Number: E11140275S19/19©BEIESP
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Malicious mobile applications are a great threat to the digital world, as their number is increasing tremendously along with that of benign applications. The main approaches for analysing malware are static, dynamic and hybrid analysis. This paper proposes a hybrid analysis in which permission features are extracted from applications statically; dynamic features such as network activities, file system activities, cryptographic activities and information leakage are collected at run time using the Android DroidBox tool; and dynamic API calls are analysed using the API Monitor tool. Separability assessment criteria are used for relevant feature selection, which improved performance. The hybrid features are used to characterize malware with learning algorithms such as Naïve Bayes, J48 and Random Forest. The Random Forest classifier produced a TPR of 1 and an FPR of 0 with the 77 best features.
Keywords: Mobile Malware, Droid Box, API Monitor, Hybrid Analysis, Machine Learning.
Scope of the Article: Predictive Analysis