Detecting Android malware with intensive feature engineering

摘要

Nowadays, the amount of the application in Android App Market has grown fast, and the android malwares have been introduced fast into that market, too. In this paper, we use static analysis of a given android application with intensive feature engineering which we focus on different sources and different levels. It means that we not only extract features from the executable file classes.dex but also from the other android resource files such as manifest of the application, more over we expand features at different levels of abstraction of the APK application, rather than using more features at the single level. Finally, we combine these different feature sets into one feature set which is used by the classifiers for training/testing. Our method is compared against other Android malware code detection and found to be more efficient in terms of detection accuracy and false alarm rate.