Popularity and openness have made the Android platform a potential target of malware attacks. The hackers continuously evolve and improve attacking strategies to identify vulnerabilities in newer Android versions. Detection and analysis of malware attacks in Android platform pose unique challenges due to the security restrictions and resource limitations present in these devices. This paper proposes a new behavioural method for Android malware detection and classification. In the proposed approach, the Android malware dataset is decompiled to identify the suspicious API classes/methods and generated an encoded list. The multiple sequence alignment for different malware families is created using the encoded patterns and it is further applied to generate profile hidden Markov model. The model classifies an unknown application as benign or malicious based on the log likelihood score generated. The framework provides an accuracy of 94.5%, which is relatively higher compared to existing similar frameworks for detection of android malware.

流行性和开放性已使Android平台成为恶意软件攻击的潜在目标。黑客不断发展和完善攻击策略，以识别较新的Android版本中的漏洞。由于这些设备中存在安全限制和资源限制，因此在Android平台中检测和分析恶意软件攻击构成了独特的挑战。本文提出了一种用于Android恶意软件检测和分类的新行为方法。在提出的方法中，对Android恶意软件数据集进行反编译以识别可疑的API类/方法，并生成一个编码列表。使用编码模式创建不同恶意软件家族的多序列比对，并将其进一步应用于生成配置文件隐藏马尔可夫模型。该模型根据生成的对数似然评分将未知应用程序分类为良性或恶意。该框架提供了94.5％的准确性，与现有的用于检测android恶意软件的类似框架相比，该准确性相对较高。