DMDAM: Data mining based detection of android malware

Abstract

Mobile malwares have been rising in scale as Android operating system enabled smart phones are getting popularity around the world. To fight against this outburst of Android malwares, different static and dynamic malware detection methods have been proposed. One of the popular methods of static detection technique is permission based detection of malwares through AndroidManifest.xml file using machine learning classifiers. However, the comparison of different machine learning classifiers on different data sets has not been fully cultivated by existing literatures. In this work we propose a framework which extracts the permission features of manifest files, generates feature vectors and uses different machine learning classifiers of a Data Mining Tool, Weka to classify android applications. We evaluate our method on a set of total 170 applications (100 benign, 70 malwares) and results show that highest TPR rate is 96.70% while accuracy is up to 77.13% and highest F1 score is 0.8583.