Currently static detection is the most commonly used in Android malware detection. Among them, the extraction of various features is particularly important. In analysing the data flow features of applications, researchers usually use taint analysis method to extract. However, this method lack intermediate process features. So in this paper, we analyse the features of Android components to obtain application data transfer features for complementing the application data flow features and build a more complete combination of data flow features. Based on this, we propose a new Android malicious application detection method—SUIP. This method complements the missing features based on taint analysis, and combines the LightGBM algorithm to build a detection model. Finally, we use the sample set in Virusshare for experiments. Compared with the traditional static detection method of Android malicious code, the result shows that our detection method has a high detection accuracy of 98.50%.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.