Date of Award
Master of Science
Department of Electrical and Computer Engineering
Thomas E. Dube, PhD.
Smartphones are becoming ubiquitous in everyday life and malware is exploiting these devices. Therefore, a means to identify the threats of malicious applications is necessary. This paper presents a method to classify and analyze Android malware through application component analysis. The experiment parses select portions from Android packages to collect features using byte sequences and permissions of the application. Multiple machine learning algorithms classify the samples of malware based on these features. The experiment utilizes instance based learner, naive Bayes, decision trees, sequential minimal optimization, boosted naive Bayes, and boosted decision trees to identify the best components that reveal malware characteristics. The best case classifies malicious applications with an accuracy of 99.24% and an area under curve of 0.9890 utilizing boosted decision trees. This method does not require scanning the entire application and provides high true positive rates. This thesis investigates the components to provide malware classification.
DTIC Accession Number
Guptill, John B., "Examining Application Components to Reveal Android Malware" (2013). Theses and Dissertations. 868.