RoughDroid: Operative Scheme for Functional Android Malware Detection

Abstract EN

There are thousands of malicious applications that invade Google Play Store every day and seem to be legal applications.

These malicious applications have the ability to link the malware referred to as Dresscode created for network hacking as well as scrolling information.

Since Android smartphones are indispensable, there should be an efficient and also unusual protection.

Therefore, Android smartphones usually continue to be safeguarded from novel malware.

In this paper, we propose RoughDroid, a floppy analysis technique that can discover Android malware applications directly on the smartphone.

RoughDroid is based on seven feature sets (FS1,FS2,…,FS7) from the XML manifest file of an Android application, plus three feature sets (FS8,FS9, and FS10) from the Dex file.

Those feature sets pass through the Rough Set algorithm to elastically classify the Android application as either benign or malicious.

The experimental results mainly consider 20 most common malware families, plus three new malware families (Grabos, TrojanDropper.Agent.BKY, and AsiaHitGroup) that invade Google Play Store at 2017.

According to the experimental results, RoughDroid has 95.6% detection performance for the malware families at 1% false-positive rate.

Finally, RoughDroid is a lightweight approach for straightly examining downloaded applications on the smartphone.