AndMFC: Android Malware Family Classification Framework

Turker S., CAN A. B.

IEEE 30th Annual International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC), İstanbul, Turkey, 08 September 2019 identifier identifier

  • Publication Type: Conference Paper / Full Text
  • Volume:
  • Doi Number: 10.1109/pimrcw.2019.8880840
  • City: İstanbul
  • Country: Turkey
  • Hacettepe University Affiliated: Yes


As the popularity of Android mobile operating system grows, the number of malicious software have increased extensively. Therefore, many research efforts have been done on Android malware analysis. Besides detection of malicious Android applications, recognizing families of malwares is also an important task in malware analysis. In this paper, we propose a machine learning-based classification framework that classifies Android malware samples into their families. The framework extracts requested permissions and API calls from Android malware samples and uses them as features to train a large set of machine learning classifiers. To validate the performance of our proposed approach, we use three different malware datasets. Our experimental results show that all of the tested models classify malwares efficiently. We also make a study of detecting unknown malwares that never seen before and we notice that our framework detects these malwares with a high accuracy.