Table 7 Top 10 API calls logged from malware samples where the hybrid approach was better than the state-based approach (Dataset2)
From: Machine learning-based dynamic analysis of Android apps with improved code coverage
API signatures | State | Hybrid | Difference |
|---|---|---|---|
Landroid/net/Uri;->parse | 2867 | 2992 | 125 |
Landroid/content/ContextWrapper;->sendBroadcast | 693 | 785 | 92 |
Landroid/net/NetworkInfo;->getExtraInfo | 115 | 156 | 41 |
Landroid/telephony/SmsManager;->sendTextMessage | 26 | 44 | 18 |
Landroid/telephony/SmsManager;->divideMessage | 3 | 16 | 13 |
Landroid/net/wifi/WifiManager;->setWifiEnabled | 9 | 18 | 9 |
Ljava/lang/System;->loadLibrary | 1867 | 1872 | 5 |
Landroid/content/ContextWrapper;->startActivity | 19 | 23 | 4 |
Ljava/lang/Process;->getOutputStream | 80 | 84 | 4 |
enfperm | 1453 | 1456 | 3 |