Permission-based Malware Detection Mechanisms on Android: Analysis and Perspectives

Android security has been built upon a permission-based mechanism which restricts accesses of third-party Android applications to critical resources on an Android device. The user must accept the set of permissions an application requires, before proceeding the installation. This process aims to inform the users of the risk of installing and using an application on their device; but most often, even when the permission system is well understood, users are not aware enough of the threat endangered, and trust either the application store or the popularity of the application, and accept the installation without trying to analyse the intentions of the developer. Increasingly, one develops approaches aiming to characterise malware with the permissions, either individually or associatively, with machine learning classifiers. The objective in this paper is to investigate in the literature mechanisms for the characterisation and detection of malware based on the previous aspects. For that, we illustrate and describe limitations of existing works and promising considerations for future research.