Android Botnet Detection Using Risk Assessment

Proceedings of the 8th International conference on Research in Engineering, Science and Technology

Year: 2018


[Fulltext PDF

Android Botnet Detection Using Risk Assessment

Muhammad Yusof, Madihah Mohd Saudiand  and Farida Ridzuan



The increasing popularity of Android mobile phones in recent years has attracted the attention of malware developers. Android applications (apps) pose many risks/threats to the user’s privacy and system integrity. Currently, permission-based models are used in the Android systems to detect the dangerous apps that possess several weaknesses. In this paper, a new risk assessment method is proposed to evaluate the amount of risk associated with every app in terms of privacy risk, financial risk, and smartphones system risk. It focused on the GPS exploitation for Android botnet detection. The assessment was based on static analysis that used features set permission and API calls. The quantitative calculation model was used as a method to differentiate between the benign and botnet apps. Every app was assessed for risk based on five categories such as Very High, High, Medium, Low and Very Low. Two datasets with 2694 Android botnet samples from Drebin and 774 benign apps from Google Play were used to evaluate the effectiveness of this method. The obtained results demonstrate that the proposed method is good in differentiating the Android botnet and benign apps based on the risk level. This will give a promising impression to the users during apps installation.

Keywords: Android, Android Botnet, Risk Assessment, Threat Level.