On machine learning effectiveness for malware detection in Android OS using static analysis data

Although various security mechanisms have been introduced in Android operating system in order to enhance its robustness, sheer protection remains an open issue: malicious applications (named as malware) usually find ways to bypass the security processes, whereas users are not aware a priori whether an application can operate as malware. To eliminate this problem, several approaches leverage machine learning for detecting malware using static analysis data. In this direction, we study the effectiveness of supervised machine learning algorithms using static analysis data extracted from the Drebin data set and we provide a short survey of other related works in the domain. We evaluate six well-known classification techniques under different configurations in terms of i) capacity of detecting Android malware and ii) feature selection. Our experimental results demonstrate that classification can reach a high level of accuracy by using only a small subset of features.