Android Malware Classification by Applying Online Machine Learning

Creative Commons License

Pektas A., Cavdar M., ACARMAN T.

31st International Symposium on Computer and Information Sciences (ISCIS), Krakow, Poland, 27 - 28 October 2016, vol.659, pp.72-80 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 659
  • Doi Number: 10.1007/978-3-319-47217-1_8
  • City: Krakow
  • Country: Poland
  • Page Numbers: pp.72-80


A malware is deployed to execute malicious activities in the compromised operating systems. The widespread use of android smart-phones with high speed Internet and permissions granted to applications for accessing internal logs provides a favorable environment for the execution of unauthorized and malicious activities. The major risk and challenge lies along classification of a large volume and variety of malware. A malware may evolve and continue to hide its malicious activies against security systems. Knowing malware features a priori and classification of a malware plays a crucial role at defending the safety and liability critical user's information. In this paper, we study android malware activities, features and apply online machine learning algorithm to classify a new android malware. We extract a fairly adequate set of malware features and we evaluate a machine learning based classification method. The runtime model is built and it can be implemented to detect variants of an android malware. The metrics illustrate the effectiveness of the proposed classification method.