Abstract

As the popularity of Android smart devises increases, the battle of alleviating Android malware has been considered as a crucial activity with the advent of new attacks including progressively complicated evasion techniques, consequently entailing more cutting-edge detection techniques. Hence, in this paper, two Machine Learning (ML) algorithms, called Support Vector Machine (SVM) and K-Nearest Neighbors (KNN), are applied and evaluated to perform classification of the feature set into either benign or malicious applications (apps) through supervised learning process. This work involves in static analysis of apps, which checks for the presence and frequency of keywords in the Android apps' manifest file and derives the static feature sets from a 400-app dataset to produce better malware detection results. The classification performance of the ML algorithms is measured in terms of accuracy and true positive rate and interpreted to determine which algorithm is more applicable for the Android malware detection. The experimental results for a dataset of real malware and benign apps indicate the average accuracy rate of 79.08% and 80.50% with average true positive rate of over 67.00% and 80.00% using SVM and KNN, respectively.