Characterization of Android Malware Families by a Reduced Set of Static Features

  1. Javier Sedano Franco 1
  2. Camelia Chira 2
  3. Silvia González González 1
  4. Álvaro Herrero Cosío 3
  5. Emilio Santiago Corchado Rodríguez 4
  6. José Ramón Villar Flecha 5
  1. 1 Instituto Tecnológico de Castilla y León

    Instituto Tecnológico de Castilla y León

    Burgos, España

  2. 2 Technical University of Cluj-Napoca

    Technical University of Cluj-Napoca

    Cluj, Rumanía


  3. 3 Universidad de Burgos

    Universidad de Burgos

    Burgos, España


  4. 4 Universidad de Salamanca

    Universidad de Salamanca

    Salamanca, España


  5. 5 Universidad de Oviedo

    Universidad de Oviedo

    Oviedo, España


International Joint Conference SOCO’16-CISIS’16-ICEUTE’16: San Sebastián, Spain, October 19th-21st, 2016 Proceedings
  1. Manuel Graña Romay (coord.)
  2. José Manuel López Guede (coord.)
  3. Oier Etxaniz (coord.)
  4. Álvaro Herrero Cosío (coord.)
  5. Héctor Quintián Pardo (coord.)
  6. Emilio Santiago Corchado Rodríguez (coord.)

Publisher: Springer Suiza

ISBN: 978-3-319-47364-2 3-319-47364-6 978-3-319-47363-5 3-319-47363-8

Year of publication: 2017

Pages: 607-620

Congress: International Conference on Computational Intelligence in Security for Information Systems (9. 2016. San Sebastián)

Type: Conference paper


Due to the ever increasing amount and severity of attacks aimed at compromising smartphones in general, and Android devices in particular, much effort have been devoted in recent years to deal with such incidents. However, accurate detection of bad-intentioned Android apps still is an open challenge. As a follow-up step in an ongoing research, preset paper explores the selection of features for the characterization of Android-malware families. The idea is to select those features that are most relevant for characterizing malware families. In order to do that, an evolutionary algorithm is proposed to perform feature selection on the Drebin dataset, attaining interesting results on the most informative features for the characterization of representative families of existing Android malware.