Title: GENDroid - a graph-based ensemble classifier for detecting Android malware

Authors: Shikha Badhani; Sunil Kumar Muttoo

Addresses: Department of Computer Science, Maitreyi College, University of Delhi, Delhi, India ' Department of Computer Science, University of Delhi, Delhi, India

Abstract: Recent years have witnessed a noticeable growth in the development of stealthy Android-based malware which has led to a pressing need for accurate malware detection systems. In this paper, we propose a graph-based ensemble classifier - GENDroid that performs ensemble learning using different graph-based classification techniques. The proposed classifier combines the predictions of three graph-based base classifiers using majority voting. The main advantage of our proposed classifier is that by combining diverse graph-based classifiers, a more accurate classifier can be learned. We experimentally demonstrate a substantial improvement of our proposed method over the individual graph-based classifiers on three datasets of benign and malicious Android apps. The results are backed up by using statistical tests. The robustness of GENDroid against one of the most widely used anti-forensics techniques - code obfuscation, is also verified empirically. GENDroid is also found to be resilient to the evolution of APIs and achieved very high accuracy.

Keywords: Android malware; graph-based; classifier; ensemble learning; code graphs; Jaccard distance.

DOI: 10.1504/IJICS.2022.10046938

International Journal of Information and Computer Security, 2022 Vol.18 No.3/4, pp.327 - 347

Received: 18 Jul 2021
Accepted: 14 Feb 2022

Published online: 05 Sep 2022 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article