PermPair: Android Malware Detection Using Permission Pairs

Anshul Arora*, Sateesh K. Peddoju, Mauro Conti

*Corresponding author for this work

Research output: Contribution to journalArticleScientificpeer-review

102 Citations (Scopus)


The Android smartphones are highly prone to spreading the malware due to intrinsic feebleness that permits an application to access the internal resources when the user grants the permissions knowingly or unknowingly. Hence, the researchers have focused on identifying the conspicuous permissions that lead to malware detection. Most of these permissions, common to malware and normal applications present themselves in different patterns and contribute to attacks. Therefore, it is essential to find the significant combinations of the permissions that can be dangerous. Hence, this paper aims to identify the pairs of permissions that can be dangerous. To the best of our knowledge, none of the existing works have used the permission pairs to detect malware. In this paper, we proposed an innovative detection model, named PermPair, that constructs and compares the graphs for malware and normal samples by extracting the permission pairs from the manifest file of an application. The evaluation results indicate that the proposed scheme is successful in detecting malicious samples with an accuracy of 95.44% when compared to other similar approaches and favorite mobile anti-malware apps. Further, we also proposed an efficient edge elimination algorithm that removed 7% of the unnecessary edges from the malware graph and 41% from the normal graph. This lead to minimum space utility and also 28% decrease in the detection time.

Original languageEnglish
Article number8886364
Pages (from-to)1968-1982
Number of pages15
JournalIEEE Transactions on Information Forensics and Security
Publication statusPublished - 2020
Externally publishedYes


  • Android malware
  • Android security
  • Malware detection
  • Permissions pair graph
  • Smartphone security


Dive into the research topics of 'PermPair: Android Malware Detection Using Permission Pairs'. Together they form a unique fingerprint.

Cite this