Permission based Malware Analysis & Detection in Android

Android being a leading and the most popular operating system for smart phones and tablets, has also become a prime target for the attackers due to its growing users and it being an open source platform. This document describes the work done in detecting malware in the Android platform by performing static analysis on the permission based framework in Android platform. In our work, we have extracted a number of permission based features by disassembling the Android application (apk) files. Features, thus extracted, have been assembled in feature vectors. Machine learning algorithms are then applied to these feature vectors in order to detect malicious applications. Three algorithms, namely, K Nearest Neighbors (KNN), Decision Tree (DT) and SVM are applied on an initial dataset of 90 applications containing 55 malicious and 35 benign which is being currently expanded. Out of the three learning algorithms, Decision Tree (DT) is giving the best results, with classification accuracy of 96%.