PICCdroid: A novel permissions and intent correlation coefficient based android malware detection method
摘要
Android phones have gained popularity since 2008, attracting many malware threats. To identify these threats, researchers have proposed various models. Most models for classifying malware rely on machine learning and deep learning techniques. However, these techniques have some limitations, including the requirement of a large amount of data to achieve accurate classification, bias towards certain samples, and the potential for overfitting to new data. In this study, we opted not to use these techniques and instead employed correlation coefficients to identify distinguishing pairs of permissions and intents. We propose a novel detection model named PICCdroid that first cleans the data to remove irrelevant features and extracts feature pairs, i.e., pairs of permissions and intents combined. Further, we calculate Yule’s correlation coefficient score for feature pairs for both normal and malware datasets. The calculated correlation coefficient score is then used to determine whether the testing application is normal or malicious. The evaluation results show that our proposed model, incorporating Yule’s correlation, can accurately classify 99.14% of the applications, outperforming various other correlation techniques and many state-of-the-art detection methods.