N-opcode analysis for android malware classification and categorization

BooJoong Kang, Suleiman Y. Yerima, Kieran McLaughlin, Sakir Sezer

Research output: Chapter in Book/Report/Conference proceedingConference contribution

40 Citations (Scopus)
309 Downloads (Pure)


Malware detection is a growing problem particularly on the Android mobile platform due to its increasing popularity and accessibility to numerous third party app markets. This has also been made worse by the increasingly sophisticated detection avoidance techniques employed by emerging malware families. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper we present an n-opcode analysis based approach that utilizes machine learning to classify and categorize Android malware. This approach enables automated feature discovery that eliminates the need for applying expert or domain knowledge to define the needed features. Our experiments on 2520 samples that were performed using up to 10-gram opcode features showed that an f-measure of 98% is achievable using this approach.
Original languageEnglish
Title of host publicationCyber Security: Proceedings of the 2016 International Conference on Cyber Security and Protection of Digital Services
Place of PublicationUnited Kingdom
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages7
ISBN (Electronic)978-1-5090-0709-7
ISBN (Print)978-1-5090-0710-3
Publication statusPublished - 11 Jul 2016
EventCyber Security and Protection of Digital Services - London, United Kingdom
Duration: 13 Jun 201614 Jun 2016


ConferenceCyber Security and Protection of Digital Services
Abbreviated titleCyber Security
CountryUnited Kingdom

Fingerprint Dive into the research topics of 'N-opcode analysis for android malware classification and categorization'. Together they form a unique fingerprint.

Cite this