Skip to main content

Table 5 Top 10 API calls logged from malware samples where the hybrid approach was better than the state-based approach (Dataset1)

From: Machine learning-based dynamic analysis of Android apps with improved code coverage

API signatures State Hybrid Difference
Ljava/util/Date 177 301 124
Ljava/util/Date;->< init> 171 289 118
Ljava/util/List 171 289 118
Ljava/util/Timer;->schedule 222 339 117
Ljava/util/GregorianCalendar;->getTime 107 207 100
Ljava/util/zip/ZipInputStream;->read 242 336 94
Ljava/io/File;->exists 602 667 65
Ljava/security/MessageDigest;->digest 366 431 65
Lorg/apache/http/client/HttpClient;->execute 133 188 55
Ljava/security/MessageDigest;->update 288 335 47