Hybrid Classification and Clustering Algorithm on Recent Android Malware Detection

Abstract

With the explosion in the popularity of smartphones over the previous decade, mobile malware appears to be unavoidable. Because Android is an open platform that is fast dominating other rival platforms (e.g. iOS) in the mobile smart device industry, Android malware has been much more widespread. Recent Android malware developers have more advanced capabilities when building their malicious apps, which make the apps themselves much more difficult to detect using conventional methods. In our paper, we proposed a hybrid machine learning classification and clustering algorithm to detect recent Android malware. The proposed algorithm performs better than the state-of-art algorithms with both F1-score and recall of 0.9944. More importantly, the top features returned by our algorithm clearly explain the important factors in the detection task. They can not only be used for enhanced Android malware detection but also quicker white-box analysis by means of more interpretable results.