Android Trojan Detection Based on Dynamic Analysis

Abstract

Nowadays, mobile devices such as smartphones are no longer limited for phone calling or sending messages but it also being used for web browsing, social networking, meeting scheduling, gaming, file downloading and online banking transaction.  To certain extend smartphones user kept confidential information such as contacts, bank account number, username and password for online banking, credit card number, memorable and private pictures in these devices. There are various type of smartphone operating system such as Apple iOS, Google Android, and Microsoft's Windows Phone. The most popular operating system for smartphones are Android. This become as one of the main target for attackers to spread the mobile malware especially Trojans virus. Based on that, this research will use dynamic analysis to detect their features. So, the parameter such as system call will be investigate in this project. Dataset that will use are Trojan dataset and benign application. The Trojan dataset can be download by Drebin and benign from Google Play store in apk version. The proposed of this research are to detect android Trojan based on dynamic analysis. The information gain algorithm is used to select the most significant system call, then the classification algorithm Random Forest, J48 and NaiveBayes used to classify the Android apps as Trojan or benign apps. The experimental results show that Random Forest Algorithm achieved highest accuracy of 81.2 % with lowest false positive rate of 0.188.