Abstract:
Our everyday lives are integrated with the use of mobile devices which store sensitive data.
Sensitive data stored on smartphones attract different threats including malware. Among mobile
platforms, Android is the most popular OS with malware targeting sensitive information and other
mobile services. If malware infects a digital device, then it has control over the device's
functionality and data. This can impact your finances, your privacy, and your access to your data.
Malware is a threat not only to individuals but also to corporate organisations and financial
institutions. This could lead to communication traffic of an infected network, hardware
failure of the physical device, data theft, and loss of critical business data, among others. There are
existing detection techniques for identifying Android malware. However, these techniques are
limited in detecting evolving and sophisticated malware which use permission features as attack
vectors in a smart fashion to infect Android mobile devices.

To improve malware detection accuracy based on the related problem, we developed techniques
for identifying Android-based malicious applications. To achieve this, the author presents a
thorough review of the mobile malware evolution and infection strategies. The second part of the
survey covers Android mobile malware detection, classification, and analysis techniques where
the author identifies their efficacy in detecting evolving malware and their limitations. The author
identifies, through the review, research gaps which open onto the development of different and
novel solutions for Android malware classification and analysis.

We leveraged the existing strengths of the previous methods to develop a robust novel automated
framework to classify and analyse Android malware based on permission features. Classification
accuracy of 97% was achieved with our framework with a False Positive Rate of 3%. Our
techniques identified privileges that malware exploits as attack vectors to infect Android-based
devices. The results demonstrate that our framework has high feature diversity capabilities for
Android malware classification. We identified that there are permissions with similar attributes
that are correlated and can trigger the installation of similar permissions with the same threat level
especially. However, these prevention techniques are not tested on other mobile platforms' data
and do not focus on mitigating pileup susceptibilities. Finally, we believe that as the results of this
research are being made public and cited by organizations and individuals, the outcome of this will
influence the security and social policies that mobile companies will implement based on some of
the recommendations by our findings.