The most common solutions found in current academic literature for detecting malware on Android devices involve the use of machine learning-based classification models. Typically, such solutions require training models on datasets containing a significant number of samples (e.g., 100k, 1M) and features (e.g., 3k, 500k). However, evaluating these datasets can be computationally time-consuming and can impact model quality. To mitigate these issues, researchers have proposed various methods for selecting specific features (such as permissions and API calls), reducing the dataset size without sacrificing identification capability. In this work, we propose to evaluate different recent methods for feature selection focused on specific characteristics, such as SigPID (Sun et al., 2016), which reduces the dimensionality of permissions, and SigAPI (Galib and Hossain, 2020), which reduces the dimensionality of API calls.
|
