Abstract

The number of malware applications targeting the Android operating system has significantly increased in recent years. Malicious applications pose a significant threat to Android platform security. We propose ANASTASIA, a system to detect malicious Android applications through statically analyzing applications' behaviors. ANASTASIA provides a more complete coverage of security behaviors when compared to state-of-the-art solutions. We utilize a large number of statically extracted features from various security behavioral characteristics of an application. We built a Machine Learning-based detection framework with high performance detection and acceptable false positive rate. The significance of our work is to develop a lightweight malware detection system for Android-powered smartphones that leverages robust, effective, and efficient features. Besides, in order to assess our solution, we used a reliable, large-scale, and updated malware data-set in terms of diversity and number of malware applications. We evaluated the performance of our proposal on large-scale malware data-set (including 18,677 malware and 11,187 benign apps). Our experimental results show a true positive rate of 97.3% and a false negative rate of 2.7%. These results are better than what are reported by state-of-the-art Android malware detection methods.