The recent increase in Android's popularity has resulted in a swamp of attacks faced by the platform. Several researchers have come out with various static malware detection tools using opcodes as features since opcodes provide the details of intrinsic patterns of application raw data. This article presents a new malware detection approach CogramDroid based on opcode ngrams. The approach classifies the applications based on the relative frequency patterns of the opcode ngrams using the concept of word cooccurrence of natural language processing. The objective of the article is to develop a malware detection approach with high accuracy and time efficiency. The article also presents an analysis of the number of opcodes required for effective malware detection. In this study, an accuracy rate of 96.22% and an F₁-score of 96.69% is achieved using seven core opcodes and three grams.

中文翻译：

---

CogramDroid——一种使用操作码 ngrams 在 Android 中检测恶意软件的方法

最近 Android 越来越受欢迎，导致该平台面临大量攻击。由于操作码提供了应用程序原始数据的内在模式的详细信息，因此一些研究人员提出了各种使用操作码作为特征的静态恶意软件检测工具。本文介绍了一种新的基于操作码 ngrams 的恶意软件检测方法 CogramDroid。该方法使用自然语言处理的词共现概念，根据操作码 ngram 的相对频率模式对应用程序进行分类。本文的目标是开发一种具有高精度和时间效率的恶意软件检测方法。本文还分析了有效检测恶意软件所需的操作码数量。在本研究中，准确率为 96.22%，F ₁-score 96.69% 是使用七个核心操作码和三个克实现的。