Sequencing System Calls for Effective Malware Detection in Android

Malware is one of the biggest threats for the privacy and security of the smart-phone users. Android is currently the most popular operating system for smart-phones; consequently, many malwares are directed toward Android devices. Existing techniques for malware detection tend to compromise between accuracy and computational complexity. In this paper, we have proposed a novel technique to monitor the behavior of both malwares and benign applications using system calls and have developed a mathematical model that can detect mobile malwares. We have extracted features by sequencing the system calls of these applications. We have proposed a novel way of feature reduction using Gaussian dissimilarity and compared our feature selection technique with existing methods. Using the extracted set of features, we have implemented a machine learning classifier, namely Gaussian Bayes classifier, on two different malware data-sets (obtained from Malware Genome Project and Android Malware Dataset by Arguslab) and on non-malware samples (obtained from Google Play Store). We have found that our model is quite lightweight yet powerful to detect malwares with significant accuracy of 98%.