MixDroid: A multi-features and multi-classifiers bagging system for Android malware detection

In the past decade, Android platform has rapidly taken over the mobile market for its superior convenience and open source characteristics. However, with the popularity of Android, malwares targeting on Android devices are increasing rapidly, while the conventional rule-based and expert-experienced approaches are no longer able to handle such explosive growth. In this paper, combining with the theory of natural language processing and machine learning, we not only implement the basic feature extraction of permission application features, but also propose two innovative schemes of feature extraction: Dalvik opcode features and malicious code image, and implement an automatic Android malware detection system MixDroid which is based on multi-features and multi-classifiers. According to our experiment results on 20,000 Android applications, detection accuracy of MixDroid is 98.1%, which proves our schemes’ effectiveness in Android malware detection.