| With the rapid development of mobile communication technology and mobile hardware devices, people have been becoming more and more dependent on the smartphone. This trend results the rapid increase of Android market share. As one of the most popular mobile operating system, Android allows users download and install third-part applications to meet their various requirements. However, since the supervisions and managements of third-part markets are very weak, the number of Android malware and its variants is increasing very quickly. This situation poses a great threat to the Android platform.In order to improve the accuracy of detection of Android malware, this paper proposes a permission based hybrid detection method according to the permissions that applied by applications for static and dynamic detection. This method combines static detecting technique and dynamic detecting technique. Firstly, applications are detected according to their permissions, this part can detect applications that only apply normal permissions or apply system permissions. Secondly, other applications are run in order to collect the function calls related to sensitive permissions. Then those applications are represented in a vector space model and their feature vectors are calculated by TF-IDF algorithm. Finally, the detection of them is completed via security detection techniques adopting Euclidean distance and cosine similarity.This paper proposes a permission based hybrid detection method and implements it in a real condition. Besides, an experiment is conducted to improve the effectiveness of the method. The final result of experiment shows that by using 982 samples from Google Play, the third-part markets and Android Malware Genome Project, the accuracy of detection method is 95.8%. A comparison with other work shows that our method improves the accuracy of detection of Android malware indeed. |
PDF Full Text Request