Anatomizing Android Malwares

Abstract

Android OS being the popular choice of majority users also faces the constant risk of breach of confidentiality, integrity and availability (CIA). Effective mitigation efforts needs to identified in order to protect and uphold the CIA triad model, within the android ecosystem. In this paper, we propose a novel method of android malware classification using Object-Oriented Software Metrics and machine learning algorithms. First, android apps are decompiled and Object-Oriented Metrics are obtained. VirusShare service is used to tag an app either as malware or benign. ObjectOriented Metrics and malware tag are clubbed together into a dataset. Eighty different machine-learned models are trained over five thousand seven hundred and seventy four android apps. We evaluate the performance and stability of these models using it’s malware classification accuracy and AUC (area under ROC curve) values. Our method yields an accuracy and AUC of 99.83% and 1.0 respectively.