A Multi-Strategy Combination Framework for Android Malware Detection Based on Various Features

With the increasing popularity of smartphones, the mobile security issues have become serious, and more and more malware has been found. Android applications are often used to handle sensitive information, thus they have become the main targets of malware attacks. In order to efficiently detect Android malware, in this paper, we present a multi-strategy combination framework. We use five types of static features to characterize Android applications from multiple aspects. To improve the classification accuracy and reduce the overfitting of the framework, we use three filter-based feature selection methods to identify the most informative top-k features. Then we input the applications represented by the feature subsets into five classification algorithms to build classifiers. Finally, we predict the classification results by hard voting or soft voting. We have performed many experiments in a well-marked dataset consisting of 41,155 samples. The experimental results show that our approach can achieve over 98% in accuracy, precision, recall and F-score. Compared with other existing methods, our approach has the best malware detection rate of 98.75%.