Similarity-based Android Malware Detection Using Hamming Distance of Static Binary Features

by Rahim Taheri, et al.

In this paper, we develop four malware detection methods that use Hamming distance to measure similarity between samples: first nearest neighbors (FNN), all nearest neighbors (ANN), weighted all nearest neighbors (WANN), and k-medoid based nearest neighbors (KMNN). Our proposed methods can trigger an alarm when an Android app is detected as malicious, which helps prevent detected malware from spreading on a broader scale. We provide a detailed description of the proposed detection methods and related algorithms, and include an extensive analysis to assess the suitability of our similarity-based detection methods. We perform our experiments on three datasets of benign and malware Android apps: Drebin, Contagio, and Genome. To corroborate the effectiveness of our classifier, we compare its performance with state-of-the-art classification and malware detection algorithms, namely the Mixed and Separated solutions, the program dissimilarity measure based on entropy (PDME), and the FalDroid algorithms. We run our experiments on different types of features: API, intent, and permission features on these three datasets. The results confirm that the accuracy rates of the proposed algorithms are more than 90% and in some cases (i.e., considering API features) more than 99%, and are comparable with existing state-of-the-art solutions.
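As an added illustration (not the paper's code), the sketch below shows similarity-based detection with Hamming distance over binary static features, using a small constructed permission vocabulary and training set. The feature names, the tie rule, and the 1/(1+d) vote weighting are assumptions made for the example; they are not the paper's definitions of FNN or WANN, which this page does not give.

```python
# Added illustration: constructed data; not the paper's code or datasets.
from collections import defaultdict

# Hypothetical feature vocabulary: bit i is 1 if the app requests PERMISSIONS[i].
PERMISSIONS = ["INTERNET", "SEND_SMS", "READ_CONTACTS", "RECEIVE_BOOT_COMPLETED",
               "READ_PHONE_STATE", "CAMERA", "ACCESS_FINE_LOCATION", "WRITE_SETTINGS"]
INDEX = {p: i for i, p in enumerate(PERMISSIONS)}

def encode(perms):
    """Pack a set of permission names into an integer bit vector."""
    vec = 0
    for p in perms:
        if p in INDEX:          # features outside the vocabulary are ignored
            vec |= 1 << INDEX[p]
    return vec

def hamming(a, b):
    """Number of feature positions where two binary vectors differ."""
    return bin(a ^ b).count("1")

def nearest_label(sample, train):
    """Label of the closest training vector.
    Assumed tie rule: if the closest vectors disagree, report 'malware'."""
    best = min(hamming(sample, v) for v, _ in train)
    labels = {lab for v, lab in train if hamming(sample, v) == best}
    return "malware" if "malware" in labels else "benign"

def weighted_label(sample, train):
    """Vote over all training vectors with assumed weight 1/(1+distance)."""
    score = defaultdict(float)
    for v, lab in train:
        score[lab] += 1.0 / (1 + hamming(sample, v))
    return max(sorted(score), key=score.get)

TRAIN = [  # constructed training set
    (encode({"INTERNET", "CAMERA"}), "benign"),
    (encode({"INTERNET", "ACCESS_FINE_LOCATION"}), "benign"),
    (encode({"INTERNET", "CAMERA", "ACCESS_FINE_LOCATION"}), "benign"),
    (encode({"INTERNET", "SEND_SMS", "READ_CONTACTS", "RECEIVE_BOOT_COMPLETED"}), "malware"),
    (encode({"SEND_SMS", "READ_PHONE_STATE", "RECEIVE_BOOT_COMPLETED"}), "malware"),
]

if __name__ == "__main__":
    unknown = encode({"INTERNET", "SEND_SMS", "READ_PHONE_STATE", "RECEIVE_BOOT_COMPLETED"})
    print(nearest_label(unknown, TRAIN), weighted_label(unknown, TRAIN))
```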




