Skip to main content

Table 3 Top 10 API calls logged from malware samples where the hybrid approach was better than the random-based approach (Dataset2)

From: Machine learning-based dynamic analysis of Android apps with improved code coverage

API signatures

Random

Hybrid

Difference

Ljava/util/zip/ZipInputStream;->read

1270

3716

2446

Lorg/apache/http/client/methods/ HttpPost;->< init>

1128

3501

2373

Ljava/security/MessageDigest;->Instance

2406

4660

2254

Ljava/security/MessageDigest;->digest

2213

4442

2229

Landroid/content/Context;->getResources

2754

4870

2116

Landroid/net/Uri;->parse

917

2992

2075

Ljava/security/MessageDigest;->update

2023

4072

2049

Landroid/telephony/ TelephonyManager;->getDeviceId

2277

4223

1946

Ljava/lang/reflect/Method;->getClass

2468

4346

1878

Ljava/lang/Class;->getName

1879

3742

1863