An Application Classification Framework for Information Leakage Detection on Android Platform


Addis Ababa University


The growing popularity of Android-based smartphones is one of the reasons attackers are distributing information-stealing applications. As the latest Android operating system versions are updated to detect vulnerabilities, malware applications are shifting their patterns from looking malicious to looking like good-ware applications in order not to be detected easily. Machine learning has been adopted in various information leakage detection techniques. Machine learning classifiers are widely used to model Android information leakage patterns based on their static features and dynamic behavior. To overcome the problem of detecting information-leaking applications, in this thesis we propose a machine learning based information leakage detection mechanism. Our proposed system uses features extracted from samples of good-ware and malware applications to train a classification model. The system extracts requested permissions, vulnerable application program interface calls, system calls sent in 30 seconds, and intents, and uses them as features in various machine learning classifiers to build the classification model. After performing comparative analyses among classification algorithms and performance validation, we achieved a high classification accuracy of 99.8% using our high-performing classification model. Using the model as one of the major components, we have designed a classification framework that classifies a random application as a leaker or non-leaker by extracting its features at different states and adding the extracted features to the dataset of our classification model, since we use incremental supervised learning. Incremental supervised learning helps our classification model improve its performance over time as more applications are classified by our framework.



Machine Learning, Leakers, Anomaly Detection