Performance Evaluation on Permission-Based Detection for Android Malware

Chun-Ying Huang*, Yi Ting Tsai, C. H. Hsu


研究成果: Chapter同行評審

66 引文 斯高帕斯(Scopus)


It is a straightforward idea to detect a harmful mobile application based on the permissions it requests. This study attempts to explore the possibility of detecting malicious applications in Android operating system based on permissions. Compare against previous researches, we collect a relative large number of benign and malicious applications (124,769 and 480, respectively) and conduct experiments based on the collected samples. In addition to the requested and the required permissions, we also extract several easy-to-retrieve features from application packages to help the detection of malicious applications. Four commonly used machine learning algorithms including AdaBoost, Naïve Bayes, Decision Tree (C4.5), and Support Vector Machine are used to evaluate the performance. Experimental results show that a permission-based detector can detect more than 81% of malicious samples. However, due to its precision, we conclude that a permission-based mechanism can be used as a quick filter to identify malicious applications. It still requires a second pass to make complete analysis to a reported malicious application.

主出版物標題Advances in Intelligent Systems and Applications - Volume 2
主出版物子標題Proceedings of the International Computer
編輯Chang Ruay-Shiung, Peng Sheng-Lung, Lin Chia-Chen
出版狀態Published - 28 6月 2013


名字Smart Innovation, Systems and Technologies


深入研究「Performance Evaluation on Permission-Based Detection for Android Malware」主題。共同形成了獨特的指紋。