G1 (Smartphone), Malware (Computer software)
Computer Engineering | Computer Sciences | Electrical and Computer Engineering
Android malware has become a major challenge. As a consequence, practitioners and researchers spend a significant time analyzing Android applications (APK). A common procedure (especially for data scientists) is to extract features such as permissions, APIs or strings which can then be analyzed. Current state of the art tools have three major issues: (1) a single tool cannot extract all the significant features used by scientists and practitioners (2) Current tools are not designed to be extensible and (3) Existing parsers do not have runtime efficiency. Therefore, this work presents AndroParse which is an open-source Android parser written in Golang that currently extracts the four most common features: Permissions, APIs, Strings and Intents. AndroParse outputs JSON files as they can easily be used by most major programming languages. Constructing the parser allowed us to create an extensive feature dataset which can be accessed by our independent REST API. Our dataset currently has 67,703 benign and 46,683 malicious APK samples.
Schmicker, Robert; Breitinger, Frank; and Baggili, Ibrahim, "AndroParse - An Android Feature Extraction Framework & Dataset" (2018). Electrical & Computer Engineering and Computer Science Faculty Publications. 81.
Schmicker, R., Breitinger, F. & Baggili, I (2018). AndroParse - An Android Feature Extraction Framework & Dataset. In Digital Forensics & Cyber Crime: 10th International Conference, ICDF2C, September 10-12, 2018, New Orleans, Revised Selected Papers. Springer.