A comprehensive review on permissions-based Android malware detection

被引:2
作者
Sharma, Yash [1 ]
Arora, Anshul [1 ]
机构
[1] Delhi Technol Univ, Dept Appl Math, Delhi 110042, India
关键词
Android security; Android malware; Permissions based detection; Static detection; Mobile security; Literature review; LEARNING TECHNIQUES; FEATURE-SELECTION; STATIC ANALYSIS; DEEP; FRAMEWORK; PATTERNS; CLASSIFICATION; IDENTIFICATION; MANIFEST; ATTACKS;
D O I
10.1007/s10207-024-00822-2
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The first Android-ready "G1" phone debuted in late October 2008. Since then, the growth of Android malware has been explosive, analogous to the rise in the popularity of Android. The major positive aspect of Android is its open-source nature, which empowers app developers to expand their work. However, authors with malicious intentions pose grave threats to users. In the presence of such threats, Android malware detection is the need of an hour. Consequently, researchers have proposed various techniques involving static, dynamic, and hybrid analysis to address such threats to numerous features in the last decade. However, the feature that most researchers have extensively used to perform malware analysis and detection in Android security is Android permission. Hence, to provide a clarified overview of the latest and past work done in Android malware analysis and detection, we perform a comprehensive literature review using permissions as a central feature or in combination with other components by collecting and analyzing 205 studies from 2009 to 2023. We extracted information such as the choice opted by researchers between analysis or detection, techniques used to select or rank the permissions feature set, features used along with permissions, detection models employed, malware datasets used by researchers, and limitations and challenges in the field of Android malware detection to propose some future research directions. In addition, on the basis of the information extracted, we answer the six research questions designed considering the above factors.
引用
收藏
页码:1877 / 1912
页数:36
相关论文
共 50 条
[11]   STATIC DETECTION OF ANDROID MALWARE BY USING PERMISSIONS AND API CALLS [J].
Chan, Patrick P. K. ;
Song, Wen-Kai .
PROCEEDINGS OF 2014 INTERNATIONAL CONFERENCE ON MACHINE LEARNING AND CYBERNETICS (ICMLC), VOL 1, 2014, :82-87
[12]   IPAnalyzer: A novel Android malware detection system using ranked Intents and Permissions [J].
Sharma, Yash ;
Arora, Anshul .
MULTIMEDIA TOOLS AND APPLICATIONS, 2024, 83 (33) :78957-79008
[13]   The Android malware detection systems between hope and reality [J].
Bakour, Khaled ;
Unver, Halil Murat ;
Ghanem, Razan .
SN APPLIED SCIENCES, 2019, 1 (09)
[14]   Permission Weighting Approaches in Permission Based Android Malware Detection [J].
Kural, Oguz Emre ;
Sahin, Durmus Ozkan ;
Akleylek, Sedat ;
Kilic, Erdal .
2019 4TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND ENGINEERING (UBMK), 2019, :134-139
[15]   Detection approaches for android malware: Taxonomy and review analysis [J].
Manzil, Hashida Haidros Rahima ;
Naik, S. Manohar .
EXPERT SYSTEMS WITH APPLICATIONS, 2024, 238
[16]   A Comprehensive Analysis of the Android Permissions System [J].
Almomani, Iman M. ;
Al Khayer, Aala .
IEEE ACCESS, 2020, 8 :216671-216688
[17]   NATICUSdroid: A malware detection framework for Android using native and custom permissions [J].
Mathur, Akshay ;
Podila, Laxmi Mounika ;
Kulkarni, Keyur ;
Niyaz, Quamar ;
Javaid, Ahmad Y. .
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2021, 58 (58)
[18]   Leveraging the first line of defense: a study on the evolution and usage of android security permissions for enhanced android malware detection [J].
Guerra-Manzanares, Alejandro ;
Bahsi, Hayretdin ;
Luckner, Marcin .
JOURNAL OF COMPUTER VIROLOGY AND HACKING TECHNIQUES, 2023, 19 (01) :65-96
[19]   RepassDroid: Automatic Detection of Android Malware Based on Essential Permissions and Semantic Features of Sensitive APIs [J].
Xie, Niannian ;
Zeng, Fanping ;
Qin, Xiaoxia ;
Zhang, Yu ;
Zhou, Mingsong ;
Lv, Chengcheng .
PROCEEDINGS 2018 12TH INTERNATIONAL SYMPOSIUM ON THEORETICAL ASPECTS OF SOFTWARE ENGINEERING (TASE 2018), 2018, :52-59
[20]   Predicting Android malware combining permissions and API call sequences [J].
Chen, Xin ;
Yu, Haihua ;
Yu, Dongjin ;
Chen, Jie ;
Sun, Xiaoxiao .
SOFTWARE QUALITY JOURNAL, 2023, 31 (03) :655-685