Android Malware Classification and Optimisation Based on BM25 Score of Android API

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Citations (Scopus)
44 Downloads (Pure)


With the growth of Android devices, there is a rise in malware applications affecting these networked devices. Android malware classification is an important task in ensuring the security and privacy of Android devices. One promising approach to this problem is to capture the difference in the usage of API in benign and malware applications through the BM25 (Best Matching 25) scoring function by calculating the BM25 score of each API (Application Program Interface). A linear regression model is fitted using the BM25 score to select the 1000 most important APIs using the feature importance weight of the linear regression model. The selected API's BM25 score and the Permission and Intents of an application are used to train Naive Bayes, Random Forest, Decision Tree, Support Vector Machine, and CNN (Convolutional Neural Network) for classification. To illustrate the effectiveness of using the BM25 score of APIs for malware classification, we train the optimised Particle Swarm Optimisation (PSO) based Machine learning and Deep Learning algorithms using Permission and Intents features with and without the BM25 score. Experiments show that the BM25 score improves the result. Overall, this study demonstrates the potential of using the BM25 score of API calls, in combination with Permissions and Intents, as a valuable tool for Android malware classification.
Original languageEnglish
Title of host publicationIEEE INFOCOM 2023 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)
Place of PublicationHoboken, NJ, USA
Number of pages6
ISBN (Electronic)9781665494274
ISBN (Print)9781665494281
Publication statusPublished - 20 May 2023
EventIEEE International Conference on Computer Communications - New York, United States
Duration: 17 May 202320 May 2023


ConferenceIEEE International Conference on Computer Communications
Abbreviated titleIEEE INFOCOM 2023
Country/TerritoryUnited States
CityNew York
Internet address

Cite this