AndroParse - An Android Feature Extraction Framework & Dataset

Authors

Robert Schmicker, University of New Haven
Frank Breitinger, University of New HavenFollow
Ibrahim Baggili, University of New HavenFollow

Author URLs

Professor Baggili's Faculty Profile

Professor Baggili's web page

Professor Breitinger's Faculty Profile

Professor Breitinger's web page

Professor Breitinger's Full Bibliography

UNHcFREG (UNH Cyber Forensics Research & Education Group / Lab)

Document Type

Book Chapter

Publication Date

9-2018

Subject: LCSH

G1 (Smartphone), Malware (Computer software)

Disciplines

Computer Engineering | Computer Sciences | Electrical and Computer Engineering

Abstract

Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang that currently extracts the four most common features: Permissions, APIs, Strings and Intents. AndroParse outputs JSON files as they can easily be used by most major programming languages. Constructing the parser allowed us to create an extensive feature dataset which can be accessed by our independent REST API. Our dataset currently has 67,703 benign and 46,683 malicious APK samples.

Comments

Dr. Baggili was appointed to the University of New Haven's Elder Family Endowed Chair in 2015.

This is the authors' accepted version of the paper published in Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (LNICST). The volume encompasses the proceedings of the 10th EAI International Conference on Digital Forensics & Cyber Crime, September 10-12 in New Orleans. The version of record for the proceedings volume may be purchased from the Springer web site.

The final authenticated version is available online at https://link.springer.com/conference/icdf2c

Repository Citation

Schmicker, Robert; Breitinger, Frank; and Baggili, Ibrahim, "AndroParse - An Android Feature Extraction Framework & Dataset" (2018). Electrical & Computer Engineering and Computer Science Faculty Publications. 81.
https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/81

Publisher Citation

Schmicker, R., Breitinger, F. & Baggili, I (2018). AndroParse - An Android Feature Extraction Framework & Dataset. In Digital Forensics & Cyber Crime: 10th International Conference, ICDF2C, September 10-12, 2018, New Orleans, Revised Selected Papers. Springer.