Permission extraction framework for android malware detection

Nowadays Android base’s devices have more popularity in compare to other platforms. Statistics represent that market share for Android on mobile devices on March 2018 is 84.8% in compare only 15.1% iOS. These numbers indicate that most of attacks are subjected to Android devices. In addition, most of people are keeping their confidential information on their mobile phone therefore securing Android should taking high concern. Recently there are a lot of researches on detecting malicious applications on Android platform. There are two main approaches for investigation over applications, first static analysis and second behavioral or dynamic analysis. Static analysis mostly focusing on Android Packaging File (APK). On the other hand, dynamic analysis, study on application behavior in isolated environment to analyze intention of application. Due to high number of applications, all of mentioned approaches need automation techniques for classification, however current researches could not provide satisfying accuracy while dealing with large number of applications. To clarify, precision, recall and false positive with growing number of dataset has negative relation. Also this point needs to be considered that, using high number of features can leads to less performance in implementation. Permission is one of noticeable features to expose the intention of developer. In this project, proposed static analysis method for detecting malicious application. The framework is hiring permission extraction approach to label malicious applications by analyzing permissions. Different statistical methods have been used to optimal distinguish malicious and benign applications. Machine learning is used for classification and detection. While increasing input data, model tries to keep detection accuracy in acceptable level. Outcome of proposed framework shows with almost 60,000 number of applications, 94.00% f-score is achievable.