Open Access

ARTICLE

Unified Detection of Obfuscated and Native Android Malware

Pagnchakneat C. Ouk¹, Wooguil Pak^2,*
1 Department of Computer Engineering, Keimyung University, Daegu, 42601, Korea
2 Department of Information and Communication Engineering, Yeungnam University, Gyeongsan, Gyeongbuk, 38541, Korea
* Corresponding Author: Wooguil Pak. Email:

Computers, Materials & Continua 2022, 70(2), 3099-3116. https://doi.org/10.32604/cmc.2022.020202

Received 14 May 2021; Accepted 30 June 2021; Issue published 27 September 2021

Abstract

The Android operating system has become a leading smartphone platform for mobile and other smart devices, which in turn has led to a diversity of malware applications. The amount of research on Android malware detection has increased significantly in recent years and many detection systems have been proposed. Despite these efforts, however, most systems can be thwarted by sophisticated Android malware adopting obfuscation or native code to avoid discovery by anti-virus tools. In this paper, we propose a new static analysis technique to address the problems of obfuscating and native malware applications. The proposed system provides a unified technique for extracting features from applications and native libraries using a selection algorithm that can extract a small set of unique and effective features for detecting malware applications rapidly and with a high detection rate. Evaluation using large Android malware detection datasets obtained from various sources confirmed that the proposed approach achieves very promising results in terms of improved accuracy, low false positive rate, and high detection rate.

---

Keywords

Android malware detection; native code; obfuscation; unified feature extraction

---