Malware Detection Based on Permissions on Android Platform Using Data Mining

Abstract

With the spreading of smart mobile devices to nearly every person, Android Operating System is dominating the mobile’s operating systems. Due to the weak policy of submitting application to Google Play store, attackers developed malware to attack the users of the Android operating system with malware application or by including malicious code into applications. Researches have been done in this area, but solutions required installing the applications to monitor the malware behavior, or by taking actions after installing the application. We proposed a new method using Data Mining to detect newly and unknown malware using the applications’ permissions as base features. In order to create binary dataset we collected from benign and malware android app samples, the dataset consist of five different features collected based on different number of attributes and conditions. Different evaluation measure used to evaluate the proposed method, the results show that we achieved 96.74% with f-measure and 99.3% with area under the Receiver Operating Characteristic ROC curve.