"Less Give More": Evaluate and zoning Android applications

The Android security mechanism is the first approach to protect data, system resource as well as reduce the impact of malware. Past malware studies tend to investigate the novel approaches of preventing, detecting and responding to malware threats but little attention has been given to the area of risk assessment. This paper aims to fill that gap by presenting a risk assessment approach that evaluate the risk zone for an application. The permission-based approach is presented for evaluating and zoning the Android applications (EZADroid), based on risk assessment. The EZADroid applies the Analytic Hierarchy Process (AHP) as a decision factor to calculate the risk value. A total of 5000 benign and 5000 malware applications were drawn from the AndroZoo and Drebin datasets for evaluation. Results showed that the EZADroid had achieved 89.82% accuracy rate in classifying the application into a different level of risk zones (i.e. very low, low, medium, and high). (C) 2018 Elsevier Ltd. All rights reserved.