Behavioral Malware Detection Approaches for Android

Android, the fastest growing mobile operating system released in November 2007, boasts of a staggering 1.4 billion active users. Android users are susceptible to malicious applications that can hack into their personal data due to the lack of careful monitoring of their in-device security. There have been numerous works on devising malware detection methods. However, none of earlier works are conclusive enough for direct application and lack experimental validation. In this paper, we have investigated the natures and identities of malicious applications and devised two novel detection approaches for detection: network-based detection and system call based detection approaches. To evaluate our proposed approaches, we performed experiments on a subset of 1260 malwares, acquired from Android Malware Genome Project, a malware database created by Y. Zhou et al. [1] and 227 non-malware (benign) applications. Results show that our system call based approach is able to detect malwares with an accuracy of 87% which is quite significant in general malware detection context. Our proposed detection approaches along with the experimental results will provide security professionals with more precise and quantitative approaches in their investigations of mobile malwares on Android systems.