International Center for Scientific Research and Studies
Abstract
The widespread of mobile applications has led to increase smartphone malware. Detecting malware requires extracting features to determine the malware apps from non-malware apps. To understand malware apps' features, we need a better understanding of the requested permissions in manifest file of apk file. In this paper, we present our framework based on extracting apk's permissions with the aims to detect the malware upon granted permissions in mobile app. The permissions keywords are extracted from the manifest file of apk file using VirusTotal website. These collected applications and their permissions keywords will go through pre-data analytics process before being trained to various machine learning classifiers. We collected around 30 apps from Google play as non-malware apps and 30 malicious apps from different sources such as PROGuard, Contagio Mobile blog and the Drebin dataset. The permissions keywords of the collected apk are extracted and saved to build final dataset that contains 50 samples of benign and malignant applications with the final collections of permissions keywords. Finally, the dataset is fed to machine learning. By utilizing several classifiers such as NaiveBayes, sequential minimal optimization (SMO), Decision Table, ZeroR and Decision trees (J48 and Random Forests, the results show that sequential minimal optimization (SMO) classifier achieved high performance in the detection rate of the classifier with an acceptable accuracy of 76 %
