AndMFC: Android Malware Family Classification Framework

Abstract

As the popularity of Android mobile operating system grows, the number of malicious software have increased extensively. Therefore, many research efforts have been done on Android malware analysis. Besides detection of malicious Android applications, recognizing families of malwares is also an important task in malware analysis. In this paper, we propose a machine learning-based classification framework that classifies Android malware samples into their families. The framework extracts requested permissions and API calls from Android malware samples and uses them as features to train a large set of machine learning classifiers. To validate the performance of our proposed approach, we use three different malware datasets. Our experimental results show that all of the tested models classify malwares efficiently. We also make a study of detecting unknown malwares that never seen before and we notice that our framework detects these malwares with a high accuracy.