Android Malware Detection Based on Composition Ratio of Permission Pairs

Detecting Android malware is imperative. Among various detection schemes, permission pair based ones are promising for practical detection. However, conventional schemes cannot simultaneously meet requirements use in terms of efficiency, intelligibility, and stability performance. Although the latest scheme relies on differences frequent pairs between benign apps malware, it stability. This because recent tends to require unnecessary permissions imitate apps, which makes using frequencies ineffective. To all requirements, this paper, we propose a Composition Ratio (CR) pairs. We define CR as ratio an app. focus fact that be small permissions. obtain features without frequencies, construct databases about CR. For each app, calculate similarity scores databases. Finally, eight fed into machine learning (ML) classifiers features. By doing this, stable performance can achieved. Since our just eight-dimensional, proposed takes less training time compatible with other ML schemes. Furthermore, quantitatively offer clear information helps human understand results. Our suitable met. real datasets, results show detect up 97.3% accuracy. Besides, compared existing scheme, reduce feature dimensions by 99% maintaining comparable accuracy datasets.