An investigation of the classifiers to detect android malicious apps
This work addresses the problem of detecting advanced malware for Android users, but it is incremental as it compares existing classifiers on a known feature set.
The paper investigated five classifiers using opcode occurrence to detect Android malicious apps, finding that FT achieved the best detection accuracy at 79.27%, while RF had the highest malware detection rate at 99.91%.
Android devices are growing exponentially and are connected through the internet accessing billion of online websites. The popularity of these devices encourages malware developer to penetrate the market with malicious apps to annoy and disrupt the victim. Although, for the detection of malicious apps different approaches are discussed. However, proposed approaches are not suffice to detect the advanced malware to limit/prevent the damages. In this, very few approaches are based on opcode occurrence to classify the malicious apps. Therefore, this paper investigates the five classifiers using opcodes occurrence as the prominent features for the detection of malicious apps. For the analysis, we use WEKA tool and found that FT detection accuracy (79.27%) is best among the investigated classifiers. However, true positives rate i.e. malware detection rate is highest (99.91%) by RF and fluctuate least with the different number of prominent features compared to other studied classifiers. The analysis shows that overall accuracy is majorly affected by the false positives of the classifier.