Obfusifier: Obfuscation-Resistant Android Malware Detection System

The structure-changing obfuscation has become an effective means for malware authors to create malicious apps that can evade the machine learning-based detection systems. Generally, a highly effective detection system for detecting unobfuscated malware samples can lose its effectiveness when encountering the same samples that have been obfuscated. In this paper, we introduce Obfusifier, a highly effective machine-learning based malware detection system that can sustain its effectiveness even when malware samples are obfuscated using complex and composite techniques. The training of our system is based on obfuscation-resistant features extracted from unobfuscated apps, while the classifier retains high effectiveness for detecting obfuscated malware. Our experimental evaluation shows that Obfusifier can achieve the precision, recall, and F-measure that exceed 95% for detecting obfuscated Android malware, well surpassing any of the previous approaches.