AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware

Md Omar Faruque Khan Russel, Sheikh Shah Mohammad Motiur Rahman, Mamoun Alazab

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


This paper represents a static analysis based research of android’s feature in obfuscated android malware. Android smartphone’s security and privacy of personal information remain threatened because of android based device popularity. It has become a challenging and diverse area to research in information security. Though malware researchers can detect already identified malware, they can not detect many obfuscated malware. Because, malware attackers use different obfuscation techniques, as a result many anti malware engines can not detect obfuscated malware applications. Therefore, it is necessary to identify the obfuscated malware pattern made by attackers. A large-scale investigation has been performed in this paper by developing python scripts, named it AndroShow, to extract pattern of permission, app component, filtered intent, API call and system call from an obfuscated malware dataset named Android PRAGuard Dataset. Finally, the patterns in a matrix form have been found and stored in a Comma Separated Values (CSV) file which will be the base of detecting the obfuscated malware in future.

Original languageEnglish
Title of host publicationMachine Intelligence and Big Data Analytics for Cybersecurity Applications
EditorsYassine Maleh, Mohammad Shojafar, Mamoun Alazab, Youssef Baddi
Place of PublicationCham, Switzerland
PublisherSpringer Nature Switzerland AG
Number of pages26
ISBN (Electronic)978-3-030-57024-8
ISBN (Print)978-3-030-57023-1
Publication statusPublished - 2021

Publication series

NameStudies in Computational Intelligence
ISSN (Print)1860-949X
ISSN (Electronic)1860-9503


Dive into the research topics of 'AndroShow: A Large Scale Investigation to Identify the Pattern of Obfuscated Android Malware'. Together they form a unique fingerprint.

Cite this