Clustering Android Applications Using K-Means Algorithm Using Permissions

  • Soussi IlhamEmail author
  • Ghadi Abderrahim
  • Boudhir Anouar Abdelhakim
Conference paper
Part of the Lecture Notes in Intelligent Transportation and Infrastructure book series (LNITI)


In field of mobile security android malware is well known as a problematic never can finally solved despite of many solutions that have been proposed over time by researchers because of revolution and development of attackers techniques used in codes of their malwares that override anti-malwares and malware detection techniques by hiding the real behavior of malware when it is getting to scan moreover by obfuscating the source code of this last which make it difficult for researchers to view the source code of malicious application in order to analyze the element of this last and required features by it. The revolution of this malicious techniques make the solution proposed even using newest technologies of machine learning and reverse engineering get more limited over time in detecting malwares especially new released ones. For this reason the main objective of researchers in this field is to find a new solutions that can bear with this revolution. In this paper we proposed an approach based on clustering android applications into malware or benign using permissions as features in order to detect malwares in android applications by the application of filter feature selection algorithms to select features and k-Mean machine learning algorithm for clustering purpose.


Malicious application Permission Clustering Feature selection Machine learning Static analysis Android malware Detection Mobile security 



Authors are using this opportunity to express their gratitude to the AMD Project for sharing their Android malware samples with us which helps us a lot to evaluate the proposed approach and realizing the experiment of this research word.


  1. 1.
    Suarez-Tangil, G., Dash, S.K., Ahmadi, M., et al. (2017) DroidSieve: fast and accurate classification of obfuscated android malware. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy—CODASPY’17, pp. 309–320. ACM Press, Scottsdale, Arizona, USAGoogle Scholar
  2. 2.
    Wu, D., Mao, C., Wei, T., et al. (2012) DroidMat: android malware detection through manifest and API calls tracing. In: 2012 Seventh Asia Joint Conference on Information Security, pp. 62–69Google Scholar
  3. 3.
    Welcome to Androguard’s documentation!—Androguard 3.2.0 documentation: Accessed 30 Sept 2018
  4. 4.
    Zhao, K., Zhang, D., Su, X., Li, W.: Fest: A feature extraction and selection tool for android malware detection. In: 2015 IEEE Symposium on Computers and Communication (ISCC). pp 714–720 (2015)Google Scholar
  5. 5.
    Wang, W., Wang, X., Feng, D., et al.: Exploring permission-induced risk in android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9, 1869–1882 (2014). Scholar
  6. 6.
    Pehlivan, U., Baltaci, N., Acartürk, C., Baykal, N.: The analysis of feature selection methods and classification algorithms in permission based Android malware detection. In: 2014 IEEE Symposium on Computational Intelligence in Cyber Security (CICS), pp 1–8 (2014)Google Scholar
  7. 7.
    Wen, L., Yu, H.: An Android malware detection system based on machine learning. AIP Conf. Proc. 1864, 020136 (2017). Scholar
  8. 8.
    Wang, X., Zhang, D., Su, X., Li, W.: Mlifdect: android malware detection based on parallel machine learning and information fusion. In: Security and Communication Networks Accessed 3 March 2018 (2017)
  9. 9.
    Hamid, I.R.A., Khalid, N.S., Abdullah, N.A., et al.: Android malware classification using K-means clustering algorithm. IOP Conf. Ser. Mater. Sci. Eng. 226, 012105 (2017). Scholar
  10. 10.
    Chen, L., Zhang, M., Yang, C.-Y., Sahita, R.: Semi-supervised classification for dynamic android malware detection (2017)Google Scholar
  11. 11.
  12. 12.
    Ilham, S., Ghadi, A.: Detection and classification of malwares in mobile applications. In: Ben Ahmed, M., Boudhir, A. (eds.) Innovations in Smart Cities and Applications. SCAMS 2017. Lecture Notes in Networks and Systems, vol 37. Springer, Cham (2018)CrossRefGoogle Scholar
  13. 13.
    Latest Technologies | Gaming | Graphics and Server | AMD: Accessed 30 Sept 2018

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Soussi Ilham
    • 1
    Email author
  • Ghadi Abderrahim
    • 1
  • Boudhir Anouar Abdelhakim
    • 1
  1. 1.LIST Laboratory, Faculty of Science and TechnologyTangierMorocco

Personalised recommendations