FgDetector: Fine-Grained Android Malware Detection

Smartphones are rapidly becoming a necessity in our lives and Android is one of the most popular mobile operating systems. However, a large number of Android malicious applications hidden behind the benign applications pose a serious threat to the Android platform. In this paper, we have proposed and implemented FgDetector, an automatically malware detection tool, based on machine learning models. FgDetector can extract features from Android applications and convert it into a low-dimensional feature vector for training the detection model to detect whether an application is malicious or not. Furthermore, FgDetector can classify the fine-grained malware families when identifying malicious applications. To better assess, we have conducted an evaluation with a public data set with 123, 453 benign applications and 5560 malware to prove the feasibility of FgDetector. Our experimental results show that FgDetector outperforms several related traditional machine learning models whether in binary classification or multiclass classification. FgDetector can detect 99.20% of the malware with a high F1-score and can achieve 93.77% precision when detecting the detailed malware family of a malicious application.