EMULATOR vs REAL PHONE: Android Malware Detection Using Machine Learning

by Mohammed K. Alzaylaee, et al.

The Android operating system has become the most popular operating system for smartphones and tablets, leading to a rapid rise in malware. Sophisticated Android malware employs detection avoidance techniques in order to hide its malicious activities from analysis tools. These include a wide range of anti-emulator techniques, where the malware programs attempt to hide their malicious activities by detecting the emulator. For this reason, countermeasures against anti-emulation are becoming increasingly important in Android malware detection. Analysis and detection based on real devices can alleviate the problems of anti-emulation as well as improve the effectiveness of dynamic analysis. Hence, in this paper we present an investigation of machine learning based malware detection using dynamic analysis on real devices. A tool is implemented to automatically extract dynamic features from Android phones and, through several experiments, a comparative analysis of emulator based vs. device based detection by means of several machine learning algorithms is undertaken. Our study shows that several features could be extracted more effectively from the on-device dynamic analysis compared to emulators. It was also found that approximately 24 analysed on the phone. Furthermore, all of the studied machine learning based detection performed better when applied to features extracted from the on-device dynamic analysis.


