Android Malware Detection Method Based on Function Call Graphs

  • Yuxin DingEmail author
  • Siyi Zhu
  • Xiaoling Xia
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9950)


With the rapid development of mobile Internet, mobile devices have been widely used in people’s daily life, which has made mobile platforms a prime target for malware attack. In this paper we study on Android malware detection method. We propose the method how to extract the structural features of android application from its function call graph, and then use the structure features to build classifier to classify malware. The experiment results show that structural features can effectively improve the performance of malware detection methods.


Android malware Static detection Machine learning 



This work was partially supported by Scientific Research Foundation in Shenzhen (Grant No. JCYJ20140627163809422, JCYJ20160525163756635), Guangdong Natural Science Foundation (Grant No. 2016A030313664) and Key Laboratory of Network Oriented Intelligent Computation (Shenzhen).


  1. 1.
    Enck, W., Octeau, D., Mcdaniel, P.: A study of android application security. In: Proceedings of the 20th Usenix Security Conference, p. 21 (2011)Google Scholar
  2. 2.
    Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of 16th ACM Conference on Computer and Communications Security, pp. 235–245 (2009)Google Scholar
  3. 3.
    Sarma, B.P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: Proceedings of 17th ACM Symposium Access Control Models Technologies, pp. 13–22 (2012)Google Scholar
  4. 4.
    Peng, H., Gates, C., Sarma, B., Li, N., Qi, Y., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Using probabilistic generative models for ranking risks of Android apps. In: Proceedings of ACM Conference on Computer and Communications Security, pp. 241–252 (2012)Google Scholar
  5. 5.
    Kim, S., Cho, J.I., Myeong, H.W., Lee, D.H.: A study on static analysis model of mobile application for privacy protection. In: Park, J.J., Chao, H.-C., Obaidat, M.S., Kim, J. (eds.) Computer Science and Convergence. Lecture Notes in Electrical Engineering, vol. 114, pp. 529–540. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  6. 6.
    Zhou, Y., Wang, Z., Zhou, W., Jiang, X.: Hey, you, get off of my market: detecting malicious apps in official and alternative Android markets. In: Proceedings of the 19th Annual Network & Distributed System Security Symposium, February 2012Google Scholar
  7. 7.
    Hao, H., Singh, V., Du, W.: On the effiectiveness of api-level access control using bytecode rewriting in android. In: Proceedings of the ACM SIGSAC Symposium on Information, Computer and Communications Security (2013)Google Scholar
  8. 8.
    Kashima, H.: A linear-time graph kernel. In: Proceedings of the Ninth IEEE International Conference on Data Mining, pp. 179–188 (2009)Google Scholar
  9. 9.
    Gärtner, T., Lloyd, J.W., Flach, P.A.: Kernels and distances for structured data. Mach. Learn. 57(3), 205–232 (2004)CrossRefzbMATHGoogle Scholar
  10. 10.
    Schölkopf, B., Platt, J., Hofmann, T.: Fast computation of graph kernels. In: Advances in Neural Information Processing Systems 19 NIPS, pp. 1449–1456 (2006, 2007)Google Scholar
  11. 11.
    Shervashidze, N., Schweitzer, P., Leeuwen, E.J.V., et al.: Weisfeiler-Lehman graph kernels. J. Mach. Learn. Res. 1(3), 1–48 (2011)MathSciNetzbMATHGoogle Scholar
  12. 12.
    Ding, Y., Yuan, X., Zhou, D., Dong, L., An, Z.: Feature representation and selection in malicious code detection methods based on static system calls. Comput. Secur. 30, 514–524 (2011)CrossRefGoogle Scholar
  13. 13.
    Malware Geome Project.

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Key Laboratory of Network Oriented Intelligent Computation, Department of Computer Sciences and TechnologyHarbin Institute of Technology Shenzhen Graduate SchoolShenzhenChina

Personalised recommendations