Abstract
Owing to its open-source nature, the Android system has become a leader in the smartphone field, and this openness allows researchers to study the system from multiple angles. However, the same open-source nature has made Android a preferred target for malicious-code attacks. Existing detection schemes have shortcomings in feature extraction: they select too few types of features, the selected features contribute little to classification, and the resulting classifier accuracy is not high. This paper proposes a multidimensional mixed feature extraction scheme that combines dynamic and static analysis. Compared with extraction schemes that analyze only permissions and function calls, this scheme extracts twelve types of features, which reflect the behavior of Android applications from multiple perspectives and improve the comprehensiveness of feature extraction.
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Xue, F., You, S., Qi, Z., Liu, H. (2019). A Multidimensional Feature Extraction Method Based on Android Malware Detection. In: Sun, S. (eds) Signal and Information Processing, Networking and Computers. ICSINC 2018. Lecture Notes in Electrical Engineering, vol 494. Springer, Singapore. https://doi.org/10.1007/978-981-13-1733-0_1
DOI: https://doi.org/10.1007/978-981-13-1733-0_1
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-1732-3
Online ISBN: 978-981-13-1733-0
eBook Packages: Engineering, Engineering (R0)