With the exponential growth in Android apps, Android based devices are becoming victims of target attackers in the “silent battle” of cybernetics. To protect Android based devices from malware has become more complex and crucial for academicians and researchers. The main vulnerability lies in the underlying permission model of Android apps. Android apps demand permission or permission sets at the time of their installation. In this study, we consider permission and API calls as features that help in developing a model for malware detection. To select appropriate features or feature sets from thirty different categories of Android apps, we implemented ten distinct feature selection approaches. With the help of selected feature sets we developed distinct models by using five different unsupervised machine learning algorithms. We conduct an experiment on 5,00,000 distinct Android apps which belongs to thirty distinct categories. Empirical results reveals that the model build by considering rough set analysis as a feature selection approach, and farthest first as a machine learning algorithm achieved the highest detection rate of 98.8% to detect malware from real-world apps.

随着Android应用程序的指数级增长，基于Android的设备已成为控制论的“沉默之战”中目标攻击者的受害者。保护基于Android的设备免受恶意软件的侵害对于院士和研究人员而言变得更加复杂和至关重要。主要漏洞在于Android应用程序的底层权限模型。Android应用在安装时需要权限或权限集。在本研究中，我们将权限和API调用视为有助于开发恶意软件检测模型的功能。为了从三十种不同的Android应用类别中选择合适的功能或功能集，我们实施了十种不同的功能选择方法。借助选定的功能集，我们通过使用五种不同的无监督机器学习算法开发了不同的模型。我们对属于30个不同类别的5,00,000个不同的Android应用程序进行了实验。实证结果表明，该模型是通过将粗糙集分析作为一种特征选择方法而构建的，而最远的一种作为机器学习算法的模型，可以从实际应用中检测恶意软件的最高检测率为98.8％。