SAFEDroid: Using structural features for detecting android malwares

Abstract

Mobile devices have become a popular target for attackers, whose aims are to harm the devices, illegally obtain personal information and ultimately to reap financial benefit. In order to detect such malicious attempts, security solutions based on static analysis are mainly preferred due to resource-constraints of these devices. However, in general, static analysis-based solutions are not very effective against new mobile malwares and new variants of existing mobile malwares appear on a daily basis. In this study, new features for static analysis are investigated in order to detect mobile malwares. While studies found in the literature mostly employ API calls and permissions, this current study explores some novel structural features. Results show the relative effectiveness of these features on malware detection. Furthermore, it is shown that these features detect new malwares better than solely applying API-based features.