Title: DroidMD: an efficient and scalable Android malware detection approach at source code level

Authors: Junaid Akram; Majid Mumtaz; Gul Jabeen; Ping Luo

Addresses: The Key State Laboratory of Information Security, School of Software Engineering, Tsinghua University, 100086, China ' The Key State Laboratory of Information Security, School of Software Engineering, Tsinghua University, 100086, China ' The Key State Laboratory of Information Security, School of Software Engineering, Tsinghua University, 100086, China ' The Key State Laboratory of Information Security, School of Software Engineering, Tsinghua University, 100086, China

Abstract: Security researchers and anti-virus industries have speckled stress on an Android malware, which can actually damage your phones and threatens the Android markets. In this paper, we propose and develop DroidMD, a scalable self-improvement based tool, based on auto optimisation of signature set, which detect malicious apps in the market at source code level. A prototype has been developed tested and implemented to detect malware in applications. We implement and evaluate our approach on almost 30,000 applications including 27,000 benign and 3,670 malware applications. DroidMD detects malware in different applications at partial level and full level. It analyses only the applications code, which increase its reliability. Our evaluation of DroidMD demonstrates that our approach is very efficient in detecting malware at large scale with high accuracy of 95.5%.

Keywords: mobile security; Android software; malware detection; code clones; Android apps re-usability; Android evolution; DroidMD.

DOI: 10.1504/IJICS.2021.116310

International Journal of Information and Computer Security, 2021 Vol.15 No.2/3, pp.299 - 321

Received: 16 Mar 2018
Accepted: 14 Aug 2018
Published online: 20 Jul 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article