Android Malware Detection Based on Network Traffic Using Decision Tree Algorithm

  • Aqil Zulkifli
  • Isredza Rahmi A. Hamid
  • Wahidah Md Shah
  • Zubaile Abdullah
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 700)


Android mobile operating system has well developed and gained absolute popularity among user. Although android is an open source operating system, it fits user daily life requirement nowadays. However, this is the reason why android malware keep on increasing every year. There are various method used to detect the occurrence of android malware such as based on static or dynamic analysis. Static analysis is favourable approach because it is quick and inexpensive. However, the static analysis unable to monitor the malicious application behavior during runtime. Therefore, we proposed a dynamic detection technique based on network traffic which records the application behavior during runtime. We consider seven network traffic features extracted from Drebin and Contagiodumpset dataset. The Drebin dataset achieved higher accuracy value with 98.4% as compared to Contagiodumpset dataset when tested using J48 decision tree algorithm.


Android Malware Decision tree algorithm 



The authors express appreciation to the Universiti Tun Hussein Onn Malaysia (UTHM). This research is supported by Short Term Grant vot number U653 and Gates IT Solution Sdn. Bhd. under its publication scheme.


  1. 1.
    Bisson, D.: Trojan found in more than 100 Android apps on Google Play Store. Cluley Associates Ltd.
  2. 2.
    Nazish: Dissecting android malware: characterization and evolution summarized by: Nazish Asad. 4 (2011)Google Scholar
  3. 3.
    Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of 1st ACM Work. Security and Privacy in Smartphones and Mobile Devices—SPSM 2011, p. 15 (2011)Google Scholar
  4. 4.
    Shabtai, A., Fledel, Y., Elovici, Y.: Automated static code analysis for classifying android applications using machine learning. In: Proceedings of the 2010 International Conference on Computational Intelligence and Security, pp. 329–333 (2010)Google Scholar
  5. 5.
    Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: DroidMat: Android malware detection through manifest and API calls tracing. In: Proceedings of 2012 7th Asia Jt. Conference Information Security Asia JCIS 2012, pp. 62–69 (2012)Google Scholar
  6. 6.
    Suarez-Tangil, G., Dash, S.K., Ahmadi, M., Kinder, J., Giacinto, G., Cavallaro, L.: DroidSieve: fast and accurate classification of obfuscated android malware. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy (CODASPY 2017), pp. 309–320 (2017)Google Scholar
  7. 7.
    Afonso, V.M., de Amorim, M.F., Grégio, A.R.A., Junquera, G.B., de Geus, P.L.: Identifying Android malware using dynamically obtained features. J. Comput. Virol. Hacking Tech. 11(1), 9–17 (2015)CrossRefGoogle Scholar
  8. 8.
    Shabtai, A., Kanonov, U., Elovici, Y., Glezer, C., Weiss, Y.: Andromaly: A behavioral malware detection framework for android devices. J. Intell. Inf. Syst. 38(1), 161–190 (2012)CrossRefGoogle Scholar
  9. 9.
    Malik, J., Kaushal, R.: CREDROID: Android malware detection by network traffic analysis. In: Proceedings of the 1st ACM Workshop on Privacy-Aware Mobile Computing (PAMCO 2016), pp. 28–36 (2016)Google Scholar
  10. 10.
    Sharma, D.: Android malware detection using decision trees and network traffic. 7(4), 1970–1974 (2016)Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Aqil Zulkifli
    • 1
  • Isredza Rahmi A. Hamid
    • 1
  • Wahidah Md Shah
    • 2
  • Zubaile Abdullah
    • 1
  1. 1.Information Security Interest Group (ISIG), Faculty of Computer Science and Information TechnologyUniversiti Tun Hussein OnnParit RajaMalaysia
  2. 2.Faculty of Information Technology and CommunicationUniversiti Teknikal Malaysia MelakaDurian TunggalMalaysia

Personalised recommendations