An Android Malware Detection Method Based on Native Libraries

According to the problem that few existing Android malware detection studies focus on the malicious code in native libraries, an Android malware detection method based on native libraries is proposed in this paper. Firstly, ARM assembly instructions and grayscale images are extracted from native libraries. Secondly, N-gram features, GLCM, and fusion features are extracted from ARM assembly instructions and grayscale images. Finally, different types of machine learning algorithms are trained with these features to establish the best malware detection classifier. The experimental results show that the proposed method achieves accuracy of 86.3% and can detect malicious code in native libraries effectively.