Android malware detection based on overlapping of static features

Abstract

Smartphones are increasingly used in everyday life. They execute complex software and store sensitive and private data of users. At the same time, malware targeting mobile devices is growing. There are various Android malware detection methods in the literature, most of which are based on permissions. However, the permission-based methods are usually subverted by some bypass techniques such as over-claim of permissions, permission escalation attack, and zero permission attack. In this paper, an Android malware detection method is proposed which uses API functions and Intents besides permissions. The proposed method modifies the values of some overlapping features. Consequently, the evaluation metrics such as precision, true positive, and false positive and accuracy are improved. The precision of the proposed method increases to 99.7% and the accuracy of this method improved to 98.6%.