Skip to main content

Table 3 Top 10 API calls logged from malware samples where the hybrid approach was better than the random-based approach (Dataset2)

From: Machine learning-based dynamic analysis of Android apps with improved code coverage

API signatures Random Hybrid Difference
Ljava/util/zip/ZipInputStream;->read 1270 3716 2446
Lorg/apache/http/client/methods/ HttpPost;->< init> 1128 3501 2373
Ljava/security/MessageDigest;->Instance 2406 4660 2254
Ljava/security/MessageDigest;->digest 2213 4442 2229
Landroid/content/Context;->getResources 2754 4870 2116
Landroid/net/Uri;->parse 917 2992 2075
Ljava/security/MessageDigest;->update 2023 4072 2049
Landroid/telephony/ TelephonyManager;->getDeviceId 2277 4223 1946
Ljava/lang/reflect/Method;->getClass 2468 4346 1878
Ljava/lang/Class;->getName 1879 3742 1863