Skip to main content

Table 1 Top 10 API calls logged from malware samples where the hybrid approach was better than the random-based approach (Dataset1)

From: Machine learning-based dynamic analysis of Android apps with improved code coverage

API signatures Random Hybrid Difference
Ljava/io/File;->exists 477 667 190
Ljava/security/MessageDigest;->getInstance 338 473 135
Landroid/content/pm/ApplicationInfo;->getApplicationInfo 435 563 128
Ljava/security/MessageDigest;->digest 310 431 121
Ljava/util/zip/ZipInputStream;->read 219 336 117
Landroid/telephony/ TelephonyManager;->getDeviceId 315 429 114
Ljava/util/TimerTask;->< init> 808 921 113
Landroid/content/pm/PackageManager 651 756 105
Lorg/apache/http/client/HttpClient;->execute 89 188 99
Ljava/io/File;->mkdir 274 366 92