Skip to main content

Table 9 Top 10 API calls logged from malware samples where the state-based approach was better than the hybrid approach (Dataset2)

From: Machine learning-based dynamic analysis of Android apps with improved code coverage

API signatures State Hybrid Difference
Lorg/apache/http/client/HttpClient;->execute 2732 2006 726
Landroid/net/NetworkInfo;->isConnected 3068 2521 547
Ljava/util/zip/ZipInputStream;->read 4221 3716 505
Lorg/apache/http/client/methods/ HttpPost;->< init> 3958 3501 457
Landroid/telephony/TelephonyManager;->getSubscriberId 1300 927 373
Landroid/telephony/TelephonyManager;->getSimOperator 1893 1537 356
Ljavax/crypto/Cipher;->init 2146 1812 334
Ljavax/crypto/SecretKey; 1960 1629 331
Ljavax/crypto/Cipher;->getInstance 2037 1709 328
Ljavax/crypto/spec/SecretKeySpec;->< init> 1891 1566 325