Permission-based Android Malware Detection using Machine Learning

  • Saeed Seraj

Student thesis: Doctoral Thesis

Abstract

Mobile devices, particularly Android-based devices, have become essential to our daily lives. However, this trend has also increased the number and sophistication of mobile malware, which can compromise user privacy, steal sensitive information, and carry out other malicious activities. In this thesis, the focus is on detecting different types of Android malware using machine learning techniques. To achieve this goal, first, specialized datasets based on application permissions and tailored to each type of malware were developed. Then optimized neural network architectures to detect each malware type were proposed. Specifically, this research focused on detecting malicious Antimalware and VPNs, Android Trojans, mobile Botnets, and malicious Adware, some of the most prevalent and dangerous types of mobile malware. My approach has several advantages over traditional mobile security solutions. First, it provides a more fine-grained view of the behaviour of an application, enabling the detection of malicious apps that may appear benign based on their code alone. Second, it is scalable, enabling automated detection and classification of malware in the face of the rapidly growing number of Android devices and applications. Third, it is adaptable to new and emerging threats, making it more resilient to novel attacks. My results showed that my models achieved high accuracy rates in detecting these types of malware, outperforming existing methods. This work is the first to specifically target the detection of these types of Android malware based on permissions. This research’s findings have important implications for the field of mobile security, as they provide a new way to defend against malware threats that are becoming increasingly sophisticated and prevalent. The developed models can be integrated into existing security solutions to provide more robust protection for users' devices and personal information.
Overall, this thesis presents a novel approach to detecting targeted Android threats using machine learning techniques. By leveraging application permissions, specialised datasets and models for identifying various types of Android malware were developed. The results demonstrate that the developed models achieve high accuracy rates in detecting these types of malware and are effective at detecting targeted threats that may be missed by traditional signature-based approaches.
Date of Award: Nov 2023
Original language: English
Awarding Institution: University of Brighton
Supervisor: Nikolaos Polatidis (Supervisor) & Michalis Pavlidis (Supervisor)
