Automatic Feature Extraction, Categorization and Detection of Malicious Code in Android Applications

TL;DR

This paper proposes a static analysis method for automatically extracting features from Android apps to categorize and detect malicious applications based on intents, permissions, and category mismatches.

Contribution

It introduces a simple static analysis approach that classifies Android apps and identifies potential malicious behavior by analyzing intents and permissions.

Findings

Effective categorization of Android apps based on static features

Detection of apps using inappropriate or unnecessary features

Potential to identify malicious applications through feature analysis

Abstract

Since Android has become a popular software platform for mobile devices recently; they offer almost the same functionality as personal computers. Malwares have also become a big concern. As the number of new Android applications tends to be rapidly increased in the near future, there is a need for automatic malware detection quickly and efficiently. In this paper, we define a simple static analysis approach to first extract the features of the android application based on intents and categories the application into a known major category and later on mapping it with the permissions requested by the application and also comparing it with the most obvious intents of category. As a result, getting to know which apps are using features which they are not supposed to use or they do not need.