PermPair: Android Malware Detection Using Permission Pairs

The Android smartphones are highly prone to spreading the malware due to intrinsic feebleness that permits an application to access the internal resources when the user grants the permissions knowingly or unknowingly. Hence, the researchers have focused on identifying the conspicuous permissions that lead to malware detection. Most of these permissions, common to malware and normal applications present themselves in different patterns and contribute to attacks. Therefore, it is essential to find the significant combinations of the permissions that can be dangerous. Hence, this paper aims to identify the pairs of permissions that can be dangerous. To the best of our knowledge, none of the existing works have used the permission pairs to detect malware. In this paper, we proposed an innovative detection model, named PermPair, that constructs and compares the graphs for malware and normal samples by extracting the permission pairs from the manifest file of an application. The evaluation results indicate that the proposed scheme is successful in detecting malicious samples with an accuracy of 95.44%; when compared to other similar approaches and favorite mobile anti-malware apps. Further, we also proposed an efficient edge elimination algorithm that removed 7%; of the unnecessary edges from the malware graph and 41% from the normal graph. This lead to minimum space utility and also 28% decrease in the detection time.