Android, the most widely-used mobile operating system, attracts the attention of malware developers as well as benign users. Despite the serious proactive actions taken by Android, the Android malware is still widespread as a result of the increasing sophistication and the diversity of malware. Android malware detection systems are generally classified into two: (1) Static analysis, and (2) dynamic analysis. In this study, a novel Android malware detection framework, namely, Hybroid, was proposed which combines both the static and dynamic analysis techniques to benefit from the advantages of both of these techniques. An up-to-date version of Android, namely, Android Oreo, was specifically employed in order to handle the problem from an up-to-date perspective as the recent versions of Android provide new security mechanisms, which are discussed with this study. Hybroid was evaluated on a large dataset that consists of 10,658 applications, and the accuracy of Hybroid was calculated as high as 99.5% when it was utilized with the J48 classification algorithm which outperforms the state-of-the-art studies. The key findings in consequence of the experimental result are discussed in order to shed light on Android malware detection.
Android malware detection, mobile malware, mobile security, static analysis, dynamic analysis, Android