Analysis of Bayesian Classification based Approaches for Android Malware Detection

TL;DR

This paper develops and evaluates Bayesian classification-based machine learning methods for static analysis to detect unknown Android malware, addressing the challenge of rapidly evolving threats and zero-day attacks.

Contribution

It introduces a proactive Bayesian classification approach for static analysis that effectively detects new Android malware variants, outperforming traditional methods.

Findings

High detection accuracy demonstrated on large malware dataset

Effective identification of previously unseen malware families

Provides insights for developing static-analytic malware detection tools

Abstract

Mobile malware has been growing in scale and complexity spurred by the unabated uptake of smartphones worldwide. Android is fast becoming the most popular mobile platform resulting in sharp increase in malware targeting the platform. Additionally, Android malware is evolving rapidly to evade detection by traditional signature-based scanning. Despite current detection measures in place, timely discovery of new malware is still a critical issue. This calls for novel approaches to mitigate the growing threat of zero-day Android malware. Hence, in this paper we develop and analyze proactive Machine Learning approaches based on Bayesian classification aimed at uncovering unknown Android malware via static analysis. The study, which is based on a large malware sample set of majority of the existing families, demonstrates detection capabilities with high accuracy. Empirical results and comparative analysis are presented offering useful insight towards development of effective static-analytic Bayesian classification based solutions for detecting unknown Android malware.