Method for Detecting Android Malware Based on Ensemble Learning

Abstract

In recent years, we have become increasingly dependent on smart devices. Android is an operating system mainly used on mobile devices, where hundreds of millions of users can download various apps through many application stores. Under these circumstances, a large number of malicious apps can be put into the application stores by developers to achieve the purpose of attacking, controlling user devices, and even stealing user information and property. Therefore, it is necessary to identify malwares in mass apps through analysis and detection to remind users. We propose an idea of detecting and discriminating Android malware based on an ensemble learning method. Firstly, a static analysis of AndroidManifest file in APK is performed to extract features such as permission calls, component calls, and intents in system. Then we use XGBoost method, an implementation of ensemble learning, to detect malicious applications. The conclusion is that this system performs very well in Android malware detection.