has been growing in scale and complexity spurred by the unabated popularity of
smart phones worldwide.
This has been much more prevalent on Android due to being an open platform that
is rapidly overtaking other competing platforms in the mobile smart devices
market. Recently, a new generation of Android malware families has emerged with
advanced evasion capabilities which make them much more difficult to detect
using conventional methods. The loopholes in the
Android platform are:
As the Android platform has increased its market share in mobile
OS, malwares targeting Android has risen significantly, surpassing those found
on other mobile OS platforms. According to a study, android malware generally
remain undetected for up to three months.
Several third party Android Marketplaces exist, most without app
Mobile Antivirus engine detection rates are low, ineffective
against unknown malware.
The above motivates a machine learning based approach using
static analysis. The main advantages are:
Malware cannot modify its behaviour during analysis.
Proactive and fast.
Flexible and easily automated.
Can complement signature-based and/or dynamic methods for
Hence, this project aims to develop machine learning
classification models for high accuracy detection of unknown Android malware.
popularity of mobile devices has made Android a prime target for attack.
Consequently, a unique malware landscape has evolved in recent years as described
in surveys by Felt et al. 2 and Zhou and Jiang 7.To counter this various
methods based on static and dynamic code analysis have been proposed.
Machine Learning based
malware detection is a promising scalable method for identifying suspicious
applications. In particular, in today’s mobile computing realm where thousands
of applications are daily poured into markets, such a technique could be
valuable to guarantee a strong filtering of malicious apps.
The success of
machine-learning approaches however is highly dependent on (1) the quality of
the datasets that are used for training and of (2) the appropriateness of the
tested datasets with regards to the built classifiers.
The main contributions of malware detection using
machine learning will be:
Android malware detection approach is developed using machine learning
classifiers. To the best of our knowledge this is an approach for proactive
Android malware detection.
empirical evaluation of the approach by means of real malware samples and
benign applications, demonstrating its real-world applicability and capacity
for improved detection accuracy.