Identifying malicious Android apps using permissions and system events
by Hongmu Han; Ruixuan Li; Xiwu Gu
International Journal of Embedded Systems (IJES), Vol. 8, No. 1, 2016

Abstract: With the popularity of the Android platform, more and more hackers take the Android platform as the profitable target. Android provides a risk communication defence mechanism against malicious applications, which has been demonstrated to be ineffective. It is common to quickly identify malicious applications by permission-based analysis methods. Recently, those permission-based methods are becoming useless when more and more applications request dangerous permissions. The proposed approaches are based on the key insight that the difference in the components trigger model in malware applications and benign applications. The malwares are interested in monitoring system broadcast to activate malicious components and request more permissions. The benign applications are preferable to receive self-define broadcast to activate their components and ask fewer permissions. Existing permission-based Android malware check methods can identify nearly 81% malware samples, but they also identify many normal applications as malware. In this paper, we extend the permission-based approach and employ machine learning approaches to identify the malicious applications. We use the datasets of the Market 2011, Market 2012, Market 2013 and Malware to evaluate the proposed methods. The experimental results illustrate the effectiveness of our proposal.

Online publication date: Thu, 17-Dec-2015

The full text of this article is only available to individual subscribers or to users at subscribing institutions.

Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.

Pay per view:
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.

Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Embedded Systems (IJES):
Login with your Inderscience username and password:

    Username:        Password:         

Forgotten your password?

Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.

If you still need assistance, please email