
The Android Malware Handbook

Manual Analysis and ML-Based Detection
by Qian Han, Sai Deep Tetali, Salvador Mandujano, Sebastian Porst, V.S. Subrahmanian, and Yanhai Xiong
September 2023, 320 pp.
ISBN-13: 9781718503304
Use coupon code PREORDER to get 25% off!

This comprehensive guide to Android malware introduces current threats facing the world’s most widely used operating system. After exploring the history of attacks seen in the wild since the time Android first launched, including several malware families previously absent from the literature, you’ll practice static and dynamic approaches to analyzing real malware specimens. Next, you’ll examine the machine-learning techniques used to detect malicious apps, the types of classification models that defenders can use, and the various features of malware specimens that can become input to these models. You’ll then adapt these machine-learning strategies to the identification of malware categories like banking trojans, ransomware, and SMS fraud.

You’ll learn:

  • How historical Android malware can elevate your understanding of current threats
  • How to manually identify and analyze current Android malware using static and dynamic reverse-engineering tools
  • How machine-learning algorithms can analyze thousands of apps to detect malware at scale

Author Bio

Sebastian Porst is the manager of Google’s Android Application Security Research team, which researches current and future attacks that target Android devices and users. Since joining the Android Security team in 2011, he has been a software engineer, security engineer, and malware analyst. Before that, he worked on binary code analysis, reverse engineering tools, and exploit and vulnerability analysis. He received a master’s in computer science from The Trier University of Applied Sciences, Germany, in 2007.

V.S. Subrahmanian is the Walter P. Murphy Professor of Computer Science and Buffett Faculty Fellow in the Buffett Institute of Global Affairs at Northwestern University. One of the world’s foremost experts on the intersection of AI and security issues, he pioneered the development of machine learning and AI-based techniques to analyze counterterrorism, cybersecurity, text, geospatial, and social network data. He has written eight books, edited ten, and published over 300 refereed articles. His work has been featured in outlets such as The Baltimore Sun, The Economist, The Wall Street Journal, Science, Nature, The Washington Post, and American Public Media.

Salvador Mandujano is a security engineering manager at Google, where he has led a number of teams in the fields of product security engineering, malware research, and payments security. Prior to joining Google, he held security research and architecture positions at Intel and Nvidia. He holds a Ph.D. in artificial intelligence from Tecnológico de Monterrey, a master’s in computer science from Purdue University, an MBA from The University of Texas at Austin, and a bachelor’s in computer engineering from Universidad Nacional Autónoma de México.

Yanhai Xiong is an assistant professor in the Department of Computer Science and Engineering at the University of Louisville. Previously, she worked as a postdoctoral researcher in the Department of Computer Science at Dartmouth College. She obtained a Ph.D. from The Interdisciplinary Graduate School, Nanyang Technological University, in 2018, where she applied AI techniques to improving the efficiency of electric vehicle infrastructure. She received a bachelor’s in engineering from The University of Science and Technology of China in 2013.

Qian Han has been working as a research scientist at Meta since 2021. He currently serves as the tech lead for the Mobile App Integrity team, where he is responsible for protecting people and publishers from malicious mobile app behavior. He earned his Ph.D. in computer science from Dartmouth College in 2021, under the guidance of V.S. Subrahmanian, and his bachelor’s in electronic engineering from Tsinghua University, China, in 2016.

Sai Deep Tetali is a principal engineer and tech lead manager at Meta, where he works on privacy solutions for augmented and virtual reality applications. Prior to joining Meta, he spent five years at Google developing machine-learning techniques for detecting Android malware. He received his Ph.D. from University of California, Los Angeles.

Table of contents 

Foreword
Introduction
Part 1: A Primer on Android Malware
Chapter 1: Introduction to Android Security
Chapter 2: Android Malware in the Wild

Part 2: Manual Analysis
Chapter 3: Static Analysis
Chapter 4: Dynamic Analysis

Part 3: Machine Learning Detection
Chapter 5: Machine Learning Fundamentals
Chapter 6: Machine Learning Features
Chapter 7: Rooting Malware
Chapter 8: Spyware
Chapter 9: Banking Trojans
Chapter 10: Ransomware
Chapter 11: SMS Fraud
Chapter 12: The Future of Android Malware
Index

The chapters in red are included in this Early Access PDF.