Static and Dynamic Analysis for Android Malware Detection

Author

Ankita Kapratwar, San Jose State University

Publication Date

Spring 2016

Degree Type

Master's Project

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Mark Stamp

Second Advisor

Thomas Austin

Third Advisor

Fabio Di Troia

Keywords

Android bytecode malware machine learning

Abstract

Static analysis relies on features extracted without executing code, while dynamic analysis extracts features based on code execution (or emulation). In general, static analysis is more e cient, while static analysis is often more informative, particularly in cases of highly obfuscated code. Static analysis of an Android application can rely on features extracted from the manifest le or the Java bytecode, while dynamic analysis of Android applications can deal with features involving dynamic code loading and system calls that are collected while the application is running. In this research, we analyzed the e ectiveness of combining static and dynamic features for detecting Android malware using machine learning techniques . We also carefully analyze the robustness of our scoring technique.

Recommended Citation

Kapratwar, Ankita, "Static and Dynamic Analysis for Android Malware Detection" (2016). Master's Projects. 488.
DOI: https://doi.org/10.31979/etd.za5p-mqce
https://scholarworks.sjsu.edu/etd_projects/488