Android Malware Detection by Combining Supervised and Unsupervised Learning

Sateesh K. Peddoju, Associate Professor, Indian Institute of Technology Roorkee

Android has been the major target of malware developers. Malicious apps are disguised as normal ones and can lead to system damage, financial loss, information leakage, and mobile botnets. Several research works have been proposed to detect Android malware. The detection solutions can be classified into three categories: static, dynamic, and hybrid analysis. Static analysis examines the Java code or Manifest file components of the application without executing it. Dynamic analysis, on the other hand, executes the application to capture its run-time behavior. Permissions and network traffic are the two widely used attributes in static and dynamic solutions, respectively. A hybrid solution aims to merge the best properties of both. Analyzing the behavior of permissions and the patterns of network traffic flows is the basis for the detection of Android malware attacks. In this talk, I will first introduce major issues with mobile security, review various analysis and detection models, summarize the possible limitations of the existing models, and finally quickly review the models proposed by our team for Android mobile malware detection.