Security Hardened and Privacy Preserved Android Malware Detection Using Fuzzy Hash of Reverse Engineered Source Code

Abstract

The risk of malware has increased drastically in recent years due to advances in the IT industry but it also increased the need for malware analysis and prevention. Hackers inject malicious code using awful applications. In this research, a framework is proposed to identify malicious Android applications based on repacked malicious code. The sensitive features of android applications are extracted using source code. These extracted features are compared with existing malware signatures to identify repacked malicious android applications. Experiments are performed using 3490 android-based malware samples belonging to 21 different malware families. A threshold value for malware categorization is defined using fuzzy logic. If the fuzzy comparison match is greater than 40%, the application is malicious. Meanwhile, if the match is greater than 10% and less than 40%, the application is suspicious otherwise benign. Furthermore, the proposed framework presents around 74% of the repacked malware compared to other similar approaches.