Development of Anti-Malware System for Android Applications

The huge popularity of mobile applications based on Android has led to a rise in malicious software development and distribution which is intended to target and compromise the android mobile devices. Consequently, this paper introduces a new detection system for identifying malicious behavior in Android applications, which consists of three main phases. The first phase employs mRMR (Minimum Redundancy Maximum Relevance) methods for feature selection, aiming to seek and determine the most efficient and effective subset of features from the overall feature space. This process involves utilizing multiple mRMR algorithms to recognize the most relevant features related to the target class while addressing any redundancy among the selected features. In the second phase, vector quantization is utilized to create a codebook vector. This codebook vector compresses the training subset samples from the dataset by incorporating the most effective features identified in phase one. Two codebook vectors are used in this phase: one representing the benign samples and the other representing the malware samples. Finally, in the third phase, the Attribute-Biased Classifier (ABC) is utilized for the classification task. This classifier takes the codebook vectors generated in the previous phases as input and accurately identifies the Android applications under test. Furthermore, a real-world dataset including both malicious and benign (non-malicious) Android applications is used to train and test the proposed system. The results show that the system is highly effective, robust, and efficient in distinguishing between malicious and benign applications, achieving an impressive accuracy of 98.8%. Additionally, it attained an AUC of 98.8% and F1-score of 98.8% and required only 𝟑×𝟏𝟎−𝟓 seconds per Android sample for testing. Additionally, the new detection system is compared with existing algorithms, demonstrating superior results in both accuracy and F1-score.