Android malware detection using machine learning

Abstract

In this study, we present a static Android malware detection system using data mining and machine learning techniques that includes five feature selection methods: Information Gain, Binormal Separation, Chi-squared, Relief, and Principal Component Analysis; and four machine learning algorithms: Naive Bayes, SVM, J48, and Random Forest. To overcome the lack of usual signature-based antivirus products, we use static analysis to extract valuable features of Android applications. We extract permission and API call features of Android APK files. Afterward, the feature selection methods are used to select valuable feature subsets. This feature subset is selected by conducting extensive experimental analysis in which experimental thresholds select various feature subsets, and the subset trains the machine learning algorithms to find the best model. By adopting the concepts of machine learning and data mining, we construct a malware detection system that has an Overall Accuracy of 96%.