An Analysis of Android Adware

Authors

Supraja Suresh, San Jose State University
Fabio Di Troia, San Jose State University
Katerina Potika, San Jose State UniversityFollow
Mark Stamp, San Jose State University

Publication Date

September 2019

Document Type

Article

Publication Title

Journal of Computer Virology and Hacking Techniques

Volume

15

DOI

10.1007/s11416-018-0328-8

First Page

147

Last Page

160

Abstract

Most Android smartphone applications, or apps, are free—to generate revenue, advertisements are displayed when an app is used. Billions of dollars are lost annually due to adware committing advertising fraud. In this research, we propose and analyze a machine learning based scheme to detect Android adware based on static and dynamic features. We collect static features from the manifest file, while dynamic features are obtained from network traffic. Using these features, we classify Android applications as either adware or benign, and further classify each adware sample into a specific family. We employ a variety of machine learning techniques, including neural networks, random forests, AdaBoost and support vector machines. We show that a combination of static and dynamic features is most effective, and we find that, ironically, the multiclass adware classification problem is easier than the binary detection problem.

Keywords

Adaptive boosting, Artificial intelligence, Classification (of information), Decision trees, Feature extraction, Learning systems, Malware

Comments

SJSU users: Use the following link to login and access this article via SJSU databases.

Recommended Citation

Supraja Suresh, Fabio Di Troia, Katerina Potika, and Mark Stamp. "An Analysis of Android Adware" Journal of Computer Virology and Hacking Techniques (2019): 147-160. https://doi.org/10.1007/s11416-018-0328-8