A New Android Malware Detection Approach Using Bayesian Classification

TL;DR

This paper introduces a Bayesian classification-based method for detecting Android malware using static code analysis, aiming to improve detection rates against sophisticated, evasive malicious apps.

Contribution

It presents a novel static analysis approach employing Bayesian models to identify Android malware, enhancing detection accuracy over traditional methods.

Findings

Effective detection of real-world Android malware

Bayesian models outperform signature-based scanners

Static analysis provides reliable indicators of malicious activity

Abstract

Mobile malware has been growing in scale and complexity as smartphone usage continues to rise. Android has surpassed other mobile platforms as the most popular whilst also witnessing a dramatic increase in malware targeting the platform. A worrying trend that is emerging is the increasing sophistication of Android malware to evade detection by traditional signature-based scanners. As such, Android app marketplaces remain at risk of hosting malicious apps that could evade detection before being downloaded by unsuspecting users. Hence, in this paper we present an effective approach to alleviate this problem based on Bayesian classification models obtained from static code analysis. The models are built from a collection of code and app characteristics that provide indicators of potential malicious activities. The models are evaluated with real malware samples in the wild and results of experiments are presented to demonstrate the effectiveness of the proposed approach.