Review article
Malicious application detection in android — A systematic literature review

https://doi.org/10.1016/j.cosrev.2021.100373

Abstract

Context:

In the last decade, owing to the tremendous usage of smartphones, these gadgets have become an essential part of day-to-day life. People are using new technologies and storing important data on their smartphones. Unfortunately, privacy-related data is a center of attraction for attackers. Therefore, attackers are developing new techniques to steal data from smartphones.

Objective:

The objective of this study is to report a systematic literature review of malicious application detection in the Android operating system.

Method:

The standard systematic literature review method is used to carry out the research. In total, 380 research articles published in various prominent international journals and conferences are studied.

Results:

The different techniques used to investigate malicious applications are identified. Furthermore, the features used in static and dynamic techniques are classified according to their usage in recent approaches. Various hybrid methods are analyzed and mapped according to the combination of static and dynamic features they use. A variety of machine learning techniques are also identified and categorized into different classes. The datasets listed are taken from various previous research approaches.

Conclusion:

This research will help to identify malicious applications in the Android operating system. New hybrid techniques must be implemented to investigate malware activities, and recommendations are given for future research.

Section snippets

Introduction and motivation

With the addition of smartphones to day-to-day life, their involvement in our lives has increased. They are involved in all of a person's daily activities:

  • Whether it is a phone call to a friend/relative.

  • Capturing a precious life moment.

  • Doing any important bank transaction.

  • Or storing valuable data to a digital storage place.

Nowadays, the utilization of mobile phones is increasing rapidly, and they have become the source of all the things which were implemented/executed by telephone, camera, computers and

Review method

The systematic literature review reported in the paper will include the following factors [28], [29], [30], [31]:

  • Development of Review Protocol

  • Conducting Review

  • Analyzing the Results

  • Reporting the Results

  • Discussion of Findings

Current status of mobile operating systems used in market

In the era of digitalization, the mobile phone is a primary need for the majority of people. Among mobile phones, the smartphone category is more popular than others because it can be used for multiple purposes such as calling, SMS, storage, picture capturing and working on the internet. Numerous types of operating systems used in these smartphones are available in the market. But as per the report from [1], 75% of the world is using Google’s Android operating system. The Fig. 5

Inferences

Fig. 18 shows the synthesis of the literature review; it illustrates various detection techniques along with the machine learning classification and datasets used. In this figure, we report the studies which have used machine learning with any of the detection techniques. The two most used malware datasets are mentioned in the figure.

This section discusses some inferences from the literature review:

  • Static analysis techniques are used for malware detection more often than other techniques. This is due

Conclusion and future research

To sum up, the review is conducted on 380 research papers identified from various international research articles from reputed electronic sources. The prime focus of the study is to identify various Android malicious application detection techniques. The results are presented in various forms such as tables, line charts, pie charts, flow diagrams and a mapping table. It is found that detection systems are divided into three categories: static, dynamic and hybrid. It is identified that both

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (387)

  • Sokolova K. et al. Android application classification and anomaly detection with graph-based permission patterns. Decis. Support Syst. (2017)
  • Sheen S. et al. Android based malware detection using a multifeature collaborative decision fusion approach. Neurocomputing (2015)
  • Talha K.A. et al. APK auditor: Permission-based Android malware detection system. Digit. Investig. (2015)
  • Zhang L. et al. A scalable and extensible framework for android malware detection and family attribution. Comput. Secur. (2019)
  • Wang X. et al. Characterizing Android apps’ behavior for effective detection of malapps at large scale. Future Gener. Comput. Syst. (2017)
  • Su D. et al. Discovering communities of malapps on Android-based mobile cyber-physical systems. Ad Hoc Netw. (2018)
  • Zhu H.J. et al. DroidDet: effective and robust detection of android malware using static analysis along with rotation forest model. Neurocomputing (2018)
  • Rehman Z.U. et al. Machine learning-assisted signature and heuristic-based detection of malwares in Android devices. Comput. Electr. Eng. (2018)
  • Moonsamy V. et al. Mining permission patterns for contrasting clean and malicious android applications. Future Gener. Comput. Syst. (2014)
  • Elish K.O. et al. Profiling user-trigger dependence for Android malware detection. Comput. Secur. (2015)
  • Zhang Y. et al. SaaS: A situational awareness and analysis system for massive android malware detection. Future Gener. Comput. Syst. (2019)
  • Statista reports Mobile operating systems’ market share worldwide from 2012 to 2019 (2020)
  • Rawal H. et al. Android Internal Analysis of APK by Droid_Safe & APK Tool. Int. J. Adv. Res. Comput. Sci. (2017)
  • Al Ali M. et al. Malware detection in android mobile platform using machine learning algorithms
  • Tam K. et al. The evolution of android malware and android analysis techniques. ACM Comput. Surv. (2017)
  • Bakour K. et al. The Android malware detection systems between hope and reality. SN Appl. Sci. (2019)
  • A. Reina, A. Fattori, L. Cavallaro, A system call-centric analysis and stimulation technique to automatically...
  • Gartner Says Huawei Secured (2) Worldwide Smartphone Vendor Spot, Surpassing Apple in Second Quarter 2018 (2018)
  • Winter J. et al. Exploring the success factors of mobile business ecosystems. Int. J. Innov. Technol. Manage. (2018)
  • Arshad S. et al. SAMADroid: a novel 3-level hybrid malware detection model for android operating system. IEEE Access (2018)
  • Shabtai Asaf. Malware detection on mobile devices
  • Chang Y. et al. The concept of attack scenarios and its applications in Android malware detection
  • Allix K. et al. A forensic analysis of Android Malware–how is malware written and how it could be Detected?
  • Arp D. et al. DREBIN: Effective and explainable detection of android malware in your pocket
  • E.B. Karbab, M. Debbabi, A. Derhab, D. Mouheb, Cypider: building community-based cyber-defense infrastructure for...
  • Agrawal P. et al. A survey on android malware and their detection techniques
  • Odusami M. et al. Android malware detection: A survey
  • Fan M. et al. Android malware familial classification and representative sample selection via Frequent Subgraph Analysis. IEEE Trans. Inf. Forensics Secur. (2018)
  • C.A. Castillo, Android malware past, present, and future, White Paper of McAfee Mobile Security Working Group 1,...
  • Aldini A. et al. Detection of repackaged mobile applications through a collaborative approach. Concurr. Comput.: Pract. Exper. (2015)
  • Tao J. et al. An android malware detection system based on behavior comparison analysis
  • Chi H. et al. A fast approach towards Android malware detection
  • Atzeni A. et al. Countering android malware: A scalable semi-supervised approach for family-signature generation. IEEE Access (2016)
  • Kitchenham B. et al. Repeatability of systematic literature reviews
  • Kitchenham B. Procedures for performing systematic reviews. Keele UK Keele Univ. (2004)
  • Alomar N. et al. Social authentication applications, attacks, defense strategies and future research directions: a systematic review. IEEE Commun. Surv. Tutor. (2017)
  • Kitchenham B. et al. Protocol for Extending an Existing Tertiary Study of Systematic Literature Reviews in Software Engineering (2017)
  • Kitchenham B. et al. Meta-analysis for families of experiments in software engineering: a systematic review and reproducibility and validity assessment. Empir. Softw. Eng. (2020)
  • Conti M. et al. The dark side (-channel) of mobile devices: A survey on network traffic analysis. IEEE Commun. Surv. Tutor. (2018)
  • Polla M.L. et al. A survey on security for mobile devices. IEEE Commun. Surv. Tutor. (2012)