• Journal of the China Computer Federation
• Chinese Science and Technology Core Journal
• Chinese Core Journal

Computer Engineering & Science


A hybrid feature-based detection method on Android malware

XU Lin-xi, GUO Fan

  1. (School of Computer and Science, Jiangxi Normal University, Nanchang 330022, China)
  • Received: 2016-01-06 Revised: 2016-05-04 Online: 2017-10-25 Published: 2017-10-25

Abstract:

Android malware detection is currently one of the hot spots in the security research field. Because Android is open source and very popular, the platform has become a target of most malware. Current approaches extract either syntax features or semantic features alone, which makes it difficult for them to determine the real intention of the malware exactly. We propose a hybrid feature extraction method that uses the set of class-based taint propagation paths as semantic features and the claimed permissions and Intent-Actions as syntax features. We normalize all the extracted features, then train on and cluster the data sets with K-means to produce feature vectors for each malware family. Finally, we use the Euclidean distance to measure the similarity between an unknown program and the feature vectors. The prototype is implemented on top of FlowDroid and used to analyze 400 real programs, and the results demonstrate that the method has higher precision.
 

Key words: malware detection, semantic features, taint propagation, clustering