SFDroid: Android Malware Detection using Ranked Static Features

Over the past few years, malware attacks have risen in huge numbers on the Android platform. Significant threats are posed by these attacks which may cause financial loss, information leakage, and damage to the system. Around 25 million smartphones were infected with malware within the first half of 2019 that depicts the seriousness of these attacks. Taking into account the danger posed by the Android malware to the users' community, we aim to develop a static Android malware detector named SFDroid that analyzes manifest file components for malware detection. In this work, first, the proposed model ranks the manifest features according to their frequency in normal and malicious apps. This helps us to identify the significant features present in normal and malware datasets. Additionally, we apply support thresholds to remove the unnecessary and redundant features from the rankings. Further, we propose a novel algorithm that uses the ranked features, and several machine learning classifiers to detect Android malware. The experimental results demonstrate that by using the Random Forest classifier at 10% support threshold, the proposed model gives a detection accuracy of 95.90% with 36 manifest components.