Repackaged Android Application Classification Through Static Global Image Feature Analysis

Author

Robert Cox, University of South AlabamaFollow

Date of Award

12-2021

Document Type

Thesis

Degree Name

M.S.

Department

Computer and Information Science

Committee Chair

Benton Ryan, Ph.D.

Abstract

Over the last 10 to 12 years, Android device usage has shown a steady increase year over year. This leads to the same growth, if not more, in Android application availability and usage. Based on the drastically increased usage and the ease of reverse engineering, malicious repackaged applications have become a severe problem within the Android Marketplace. One potentially fruitful approach is the use of a combination of visualization, pattern recognition, and machine learning methods to classify applications as either malware or safe. The first part of this research focuses on an image-based malware classification system based on static analysis of visualizations by means of feeding global features extracted from images to machine learning and prediction algorithms. Results that incorporate a subset of the proposed features indicate we can achieve 85% malware classification accuracy. The second part of this research focuses on using the same technique to identify repackaged applications rather than specifically malicious ones. A series of experiments with different combinations of training and testing images showed an accuracy of up to 99.7% in identifying an application that has been repackaged.

Recommended Citation

Cox, Robert, "Repackaged Android Application Classification Through Static Global Image Feature Analysis" (2021). Theses and Dissertations . 3.
https://jagworks.southalabama.edu/theses_diss/3