DroidDolphin: a Dynamic Android Malware Detection Framework Using Big Data and Machine Learning

Smartphones are getting more and more popular nowadays with various kinds of applications to make our lives more convenient. Unfortunately, as there are more and more applications, the malicious applications, also known as malware, arises as well. The users often tempted into install these malware without any awareness, and the malware steals the users’ personal information. Some malware would send SMS or make phone calls, which result in additional charges. Thus, detection of malware is critical to protect smartphone users.
In this thesis, we proposed DroidDolphin, a dynamic malware analysis framework which leverages the technologies of GUI-based testing, big data analysis and machine learning to detect malicious Android applications. Based on our automatic testing tool, we were able to collect a dataset with 32,000 benign and 32,000 malicious applications so far. Our preliminary results showed that the prediction accuracy reaches 86.1% and F-score reaches 0.857. As the dataset increases, the accuracy of detection increases significantly, which makes this methodology promising.