Static and Dynamic Analysis for Android Malware Detection

  • Krishna Sugunan
  • T. Gireesh Kumar
  • K. A. Dhanya
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 645)


In this work, we perform a comparitive study on the behavior of malware and benign applications using its static and dynamic features. In static analysis, the permissions required for an application are considered. But in dynamic, we use a tool called Droidbox. Droidbox is an android sandbox which can monitor some app actions like network activities, file system activities, cryptographic activities, information leakage, etc. Here, we consider these actions as well as dynamic API calls of applications. We propose to implement an android malware detector that can detect an app whether it is malware or not, prior to installation.


Malware Benign Static Dynamic Droidbox 


  1. 1.
    Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Invest. 13, 22–37 (2015)CrossRefGoogle Scholar
  2. 2.
    Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M., Rajarajan, M.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutor. 17(2), 998–1022 (2015)CrossRefGoogle Scholar
  3. 3.
    Yuan, Z., Lu, Y., Xue, Y.: Droiddetector: android malware characterization and detection using deep learning. Tsinghua Sci. Technol. 21(1), 114–123 (2016)CrossRefGoogle Scholar
  4. 4.
    Qiao, M., Sung, A.H., Liu, Q.: Merging permission and api features for android malware detection. In: 2016 5th IIAI International Congress on Advanced Applied Informatics (IIAIAAI), pp. 566–571. IEEE, (2016)Google Scholar
  5. 5.
    Wu, D.-J., Mao, C.-H., Wei, T.-E., Lee, H.-M., Wu, K.-P.: Droidmat: android malware detection through manifest and api calls tracing. In: 2012 7th Asia Joint Conference on Information Security (Asia JCIS), pp. 62–69. IEEE, (2012)Google Scholar
  6. 6.
  7. 7.
  8. 8.
  9. 9.
  10. 10.
  11. 11.
  12. 12.
  13. 13.
  14. 14.
  15. 15.

Copyright information

© Springer Nature Singapore Pte Ltd. 2018

Authors and Affiliations

  • Krishna Sugunan
    • 1
  • T. Gireesh Kumar
    • 1
  • K. A. Dhanya
    • 1
  1. 1.TIFAC-CORE in Cyber Security, Amrita School of EngineeringAmrita Vishwa Vidyapeetham, Amrita UniversityCoimbatoreIndia

Personalised recommendations