Detecting and classifying android malware using static analysis along with creator information

Hyunjae Kang, Jae Wook Jang, Aziz Mohaisen, Huy Kang Kim

Research output: Contribution to journalArticlepeer-review

102 Citations (Scopus)


Thousands of malicious applications targeting mobile devices, including the popular Android platform, are created every day. A large number of those applications are created by a small number of professional underground actors; however previous studies overlooked such information as a feature in detecting and classifying malware and in attributing malware to creators. Guided by this insight, we propose a method to improve the performance of Android malware detection by incorporating the creator's information as a feature and classify malicious applications into similar groups. We developed a system that implements this method in practice. Our system enables fast detection of malware by using creator information such as serial number of certificate. Additionally, it analyzes malicious behaviors and permissions to increase detection accuracy. The system also can classify malware based on similarity scoring. Finally, we showed detection and classification performance with 98% and 90% accuracy, respectively.

Original languageEnglish
Article number479174
JournalInternational Journal of Distributed Sensor Networks
Publication statusPublished - 2015

Bibliographical note

Publisher Copyright:
© 2015 Hyunjae Kang et al.

ASJC Scopus subject areas

  • General Engineering
  • Computer Networks and Communications


Dive into the research topics of 'Detecting and classifying android malware using static analysis along with creator information'. Together they form a unique fingerprint.

Cite this