Shi Et Al. - 2023 - SFCGDroid Android Malware Detection Based On Sens

SFCGDroid is an Android malware detection method that uses sensitive function call graphs (SFCG). It first decompiles Android apps to generate function call graphs, then extracts SFCGs based on sensitive API calls. It obtains two types of features from SFCGs: 1) function embeddings using Skip-gram model, and 2) triad attributes by treating SFCGs as social networks. These features are fed into a graph convolutional network for malware detection. Experiments on 26,939 Android apps achieved 98.22% accuracy and 98.20% F1 score, outperforming other recent detection methods.


International Journal of Information Security (2023) 22:1115–1124

https://doi.org/10.1007/s10207-023-00679-x

REGULAR CONTRIBUTION

SFCGDroid: android malware detection based on sensitive function call graph
Sibo Shi1 · Shengwei Tian2 · Bo Wang2 · Tiejun Zhou3 · Guanxin Chen2

Published online: 1 May 2023


© The Author(s), under exclusive licence to Springer-Verlag GmbH, DE 2023

Abstract
Android is now one of the most popular operating systems in the world because of its open-source character, so the threshold for hackers to make malware has also become lower, and more and more malware has started to threaten people's lives. Graphs are used to represent a program's syntactic and semantic structure and can naturally represent malicious behaviour, so we propose a malware detection method named SFCGDroid, which is based on the sensitive function call graph. We first decompile the Android application to generate a function call graph (FCG) and extract the sensitive function call graph (SFCG) from the FCG. Secondly, we extract two classes of features: (1) we use the Skip-gram model to obtain function embeddings, and (2) we treat the SFCG as a social network and extract the triad attributes of the sensitive APIs. The two types of features are combined as a feature representation of the SFCG and fed into a graph convolutional network (GCN) for malware detection. In experiments on a dataset of 26,939 Android applications, SFCGDroid achieves 98.22% accuracy and 98.20% F1 score.

Keywords Malware detection · Sensitive function call graph · Graph convolutional network · Skip-gram · Triads

Corresponding author: Shengwei Tian, [email protected]
Sibo Shi, [email protected]
Bo Wang, [email protected]
Tiejun Zhou, [email protected]
Guanxin Chen, [email protected]

1 School of Information Science and Engineering, Xinjiang University, Urumqi, Xinjiang, China
2 School of Software, Xinjiang University, Urumqi, Xinjiang, China
3 Internet Data Center, Urumqi, Xinjiang, China

1 Introduction

The development of Internet technology has led to an explosion in the demand for mobile devices. The Android operating system is the representative smartphone operating system, and therefore Android has become a major carrier of malware. According to Kaspersky's report [1], 3 million Android malware samples were detected in 2021, which poses a huge threat to users. How to correctly classify malware is now a top priority.

Many malware detection methods already exist, including signature-based methods [2] and Android behaviour-based methods [3,4]. Machine learning-based methods detect malware by manually finding good features such as API calls [5], permissions [6] and intents [7]. More recently, deep learning-based Android malware detection has gradually become popular, using automatic feature extraction for Android malware detection: Ye et al. [8] converted AndroidManifest.xml to RGB images after decompiling the APK and used CNN models for detection, and Karbab et al. [9] used CNN models for detection together with NLP techniques. However, today's malware tries to bypass detection as much as possible; for example, hackers can circumvent detection without declaring permissions [10]. Malware is mostly generated by repackaging, so the malicious code is only a small part of the application and is hidden in the normal code. Focusing detection on locally generated malicious behaviour therefore makes it more difficult for malware to evade detection.

To solve this problem, we propose an Android malware detection method based on the sensitive function call graph (SFCG). We first decompile the Android application to obtain


the smali code, get the function call graph (FCG) from the smali code, and then obtain the SFCG based on the sensitive APIs. Each node in the graph carries two types of attributes: semantic attributes and graph structure attributes. The node semantic attributes are obtained from the trained function embedding model. In addition, we further explore the hidden information in the SFCG structure: we treat the SFCG as a social network and obtain the attributes of each sensitive API triad in the graph. We feed this into a GCN classifier for malware detection.

The main contributions of this paper are as follows:

– We propose SFCGDroid, an Android malware detection system based on sensitive function call graphs. We focus on sensitive API calls in the FCG, reduce the size of the FCG to generate the SFCG, and detect the existence of malicious behaviours.
– SFCGDroid combines function semantic information with graph structure information. It looks for suspected malicious behaviour in function node semantics and sensitive API call structures.
– We verified the effectiveness of SFCGDroid on a large dataset. The experimental results show that SFCGDroid outperforms some of the more recent detection methods.

The rest of the paper is organised as follows. Section 2 discusses related work on Android malware detection. Section 3 presents the framework and details of SFCGDroid, followed by the experimental results in Sect. 4. Section 5 briefly summarises the full paper.

2 Related work

The malware detection methods [11] that exist today fall into three main categories: static analysis, dynamic analysis and hybrid analysis.

2.1 Static analysis

Static analysis is the most frequently used method for Android malware detection; permissions [6], APIs [5] and intents [12] are often used as static features. Permissions are an important part of an Android application: the permissions required to run the application are shown when it is installed, and the application verifies that the permissions have been granted when it performs sensitive operations. In [6], 22 out of 135 permissions were selected as important permissions and the detection accuracy was above 90%. Chavan et al. [13] found that permissions were an important feature and that, with carefully selected permission features, an accuracy of over 96% could be achieved by training artificial neural networks even on highly skewed data. However, [10] mentions that malware does not need to request permissions to perform sensitive operations, which is one of the reasons for the low accuracy of static analysis. Androdialysis [12] discovered the importance of intents in the detection of malware in Android applications: an intent is an important means of cross-process communication in Android applications and is naturally a means of attack for malware. Androdialysis combined intents and permissions to reach 95% accuracy, but intents need to be combined with other features to give good results; intent features alone cannot work well. Droidapiminer [5] used APIs as features to detect malware, looking for key APIs and the parameters passed to them. However, this approach neither identifies the behavioural information implied by an API nor represents the interactions between APIs.

Permission declarations and API calls alone cannot easily represent implicit behavioural information, so work in recent years has tried to address this issue. MAMADROID [14] first extracts API call sequences from the call graph and models them as Markov chains to capture the behavioural information in the APIs. ProDroid [15] uses API classes and method sequences to train a Profile Hidden Markov Model and achieves a detection accuracy of 94.5%. Image-based detection techniques have been an important approach for Android malware detection. DeepVisDroid [16] converted some files from the APK into grey-scale images, constructed four grey-scale image datasets, extracted two types of image-based features (local features and global features), fed them into a neural network model with a 1D-convolutional layer, and obtained a classification accuracy of 98.96% in effective time. Ünver et al. [17] converted Manifest.xml, DEX and Resource.ARSC from the APK to grey-scale images to extract four types of local features and three types of global features, and fed them into a machine learning classifier, AdaBoost, with an accuracy of 98.75%. Similarly, graphs, as a representation of unstructured data, can model Android application behaviour. Dapasa [18] extracted sensitive subgraphs and derived five numerical features from the scale of the sensitive subgraphs, which were fed into a random forest classifier. Gascon et al. [19] extracted function call graphs and used a linear-time graph kernel-inspired explicit mapping of the call graph to the feature space, but this approach selects fine-grained bytecodes as features, carries no behavioural properties of the functions, and reaches a detection performance of only 89%. CDGroid [20] used control flow graphs (CFG) and data flow graphs (DFG), encoded them and fed them into a convolutional neural network (CNN), with a detection accuracy of over 99.5%. GDroid [21] proposed an API usage model to build a heterogeneous graph through APK-API and API-API edges, converted the application classification task into a node classification task, and used graph convolutional networks for


Android malware detection for the first time. AMalNet [22] used graph convolutional networks (GCNs) and independent recurrent networks (IndRNNs) for Android malware detection by constructing graphs based on the relative position relationships of nodes and combining NLP techniques. Ou et al. [23] proposed a feature called S3feature, extracting sensitive subgraphs and neighbour-sensitive subgraphs from function call graphs to mine local malicious behaviour. Our SFCGDroid deals with sensitive function call graphs directly and does not lose coarse-grained features.

2.2 Dynamic analysis

Dynamic analysis is an important malware detection technique. Damodaran et al. [11] train Hidden Markov Models on API call sequences and opcode sequences, compare the detection rates of models based on static, dynamic and hybrid analysis, and find that the fully dynamic approach is very effective in malware detection. So dynamic analysis is another analysis method for Android malware detection. Unlike static analysis, dynamic analysis requires the Android application to run in a virtual environment or on a real Android device, and extracts features while the application is running. It requires more resources, but reduces the impact of application obfuscation. System calls are an important illustration of dynamic analysis, as they reveal the dynamic behaviour of an application: malware accesses sensitive resources more frequently, such as sending SMS messages, opening the camera, etc., which must be implemented through system calls. Xiao et al. [24] extracted the sequence of system calls and classified it with an LSTM model, achieving an accuracy rate of 93.7%. EnDroid [25] extracts the dynamic behaviour logs and system calls generated by the application during sandbox execution and classifies them using the Stacking algorithm, achieving 96.56% detection. But dynamic analysis may not be able to obtain valid features, because the malicious behaviour of the application is not triggered, or because the malware detects the emulator environment and does not perform the malicious behaviour.

2.3 Hybrid analysis

Hybrid analysis is a combination of static features and dynamic features. Surendran et al. [26] combined system calls, API calls and permissions to classify malware with a tree-augmented naive Bayes (TAN) classifier at 97% accuracy. NTPdroid [27] extracted the dynamic feature network traffic and the static feature permissions: network traffic analysis can detect malware controlled remotely, permissions can detect malware that does not generate network traffic, and the FP-Growth algorithm generates frequent patterns for the combination of the two types of features, with 94.25% detection. DL-Droid [28] improves code coverage through state-based input, as state-based input requires an evaluation of the current state of the Android application to ensure that it can trigger malicious behaviour; dynamic features (application attributes and action events) and static features (permissions) are extracted while the application runs, and malicious behaviour is detected through these three types of features.

Overall, static analysis-based malware detection accounts for the majority of research, as static analysis does not have to run the application, saving resources while still yielding good detection results. Following this hotspot of Android malware detection, we generate sensitive function call graphs around sensitive APIs, focusing on local malicious behaviour to automatically capture semantic feature information and obtain better detection performance.

3 Method

The overall structure of SFCGDroid is shown in Fig. 1. The APK is decompiled to extract the FCG, the SFCG is further extracted from the FCG, and the function semantic features are combined with the sensitive API triad features and sent to the GCN for detection.

3.1 SFCG

The prerequisite for extracting the SFCG is extracting the FCG from the APK file. We use the apktool [29] and androguard [30] tools to decompile the APK and obtain the FCG. We then extract the SFCG from the FCG; the extraction process is shown in Algorithm 1.

The inputs are the APK file, the list of sensitive APIs, and the order. The list of sensitive APIs is taken from [7]. Sensitive APIs are APIs that can perform sensitive operations, such as reading SMS or reading and writing files, and they are highly associated with malware. Sensitive APIs account for a very small percentage of the APIs provided by the Android SDK: the SDK currently provides over 50,000 APIs, of which 426 sensitive APIs perform sensitive operations. The order parameter represents how far from a sensitive API node the other nodes may be, and requires the FCG to be converted to an undirected graph. In Algorithm 1, the function getFCG() in line 2 gets the FCG of the APK file, the function toUndirected() in line 3 gets the undirected graph UnFCG of the FCG, and the function getSAPIsOfFCG() in line 4 gets the sensitive APIs present in the FCG. Si in line 5 represents each sensitive API in that list, and the function getNeiOrder() in line 6 gets the nodes of the undirected graph UnFCG whose distance from the sensitive API node is less than or equal to the order parameter, so that there are both sensitive and non-


Fig. 1 Overview of SFCGDroid (pipeline: Extract FCG → Extract SFCG → obtain node features for all nodes (Skip-gram) and for sensitive APIs (triads) → classification → Benign / Malware)

sensitive API nodes in the set N. Lines 8–15 check whether there are edges between the nodes in the set N; the edges between these nodes are taken from the FCG to construct the SFCG. Since the nodes and edges of the SFCG come from the FCG, the SFCG is an induced subgraph of the FCG. Finally, the SFCG is constructed from the nodes and edges found.

Algorithm 1: Extract SFCG
Input: apk, senAPIs, order
Output: SFCG
1  N = ∅, E = ∅
2  FCG = getFCG(apk)
3  UnFCG = toUndirected(FCG)
4  apkSAPIs = getSAPIsOfFCG(FCG, senAPIs)
5  for each Si ∈ apkSAPIs do
6      N = N ∪ getNeiOrder(UnFCG, Si, order)
7  end
8  for each src ∈ N do
9      Sdst = getDstNode(FCG, src)
10     for each dst ∈ Sdst do
11         if dst ∈ N then
12             E = E ∪ {<src, dst>}
13         end
14     end
15 end
16 SFCG ← (N, E)

3.2 Function semantic features

After obtaining the SFCG, we also need to obtain the function semantic features. One-hot encoding is a simple scheme, but it does not capture the association between function semantics and produces very sparse, high-dimensional vectors. In this paper, we use the Skip-gram model proposed by Mikolov et al. [31,32], which is based on the assumption that semantically similar words also have similar contextual semantics. After training is completed, each word is given a low-dimensional vector which maps the word into the semantic space and is able to express the association between the semantics of the words.

Because the SFCG is constructed around the sensitive API nodes, the SFCG contains both sensitive and non-sensitive API nodes associated with the sensitive API nodes. Inspired by the Skip-gram model, we treat the sensitive API nodes as central words and the other nodes obtained through the sensitive API nodes as context words. Ultimately we treat all nodes in the SFCG as words and obtain the semantic property E_f of each node after training with the Skip-gram model.

Figure 2 shows the architecture for extracting the semantic features of the functions using Skip-gram model training. Firstly, all functions in the SFCG are collected to construct a corpus; each function in the corpus is treated as a word, and the Skip-gram model is trained to transform the function into an N-dimensional vector. In the training process, each function is one-hot encoded as a vector of V dimensions, with V the size of the corpus. All inputs share the weights W_{V×N}, where N is the dimension of the hidden layer and also the dimension of each function vector obtained after training. The training objective of the Skip-gram model is to maximise the probability of predicting the context words given the target word; for a sequence of functions f_1, f_2, ..., f_T, the objective can be written as the average log probability

J(f) = \frac{1}{T} \sum_{t=1}^{T} \sum_{-d \le j \le d} \log P\left(f_{t+j} \mid f_t\right)   (1)

Skip-gram models use the log function to prevent gradient explosion and to improve computational efficiency; 2d + 1 is the sliding window size. P(f_{t+j} | f_t) is defined by

P\left(f_O \mid f_I\right) = \frac{\exp\left(e_{f_O}^{T} e_{f_I}\right)}{\sum_{i=1}^{V} \exp\left(e_i^{T} e_{f_I}\right)}   (2)

where e_{f_O} and e_{f_I} are the vector representations of f_O and f_I, and exp is the exponential function. P(f_{t+j} | f_t) is thus defined by the softmax function, which is computationally very expensive because \sum_{i=1}^{V} \exp(e_i^{T} e_{f_I}) requires summing over the entire corpus, so we use negative sampling [31] to simplify and speed up training.
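As an added illustration of Algorithm 1 in Sect. 3.1 (this is not code from the paper, and it does not use androguard), the following Python implements the SFCG extraction on a constructed FCG: the call graph, the method names and the two stand-in sensitive APIs are made up for the example, and the FCG is represented as a plain dict of caller → callees. It shows the undirected-distance neighbourhood (getNeiOrder), the induced-subgraph edge selection (lines 8–15) and how much of the FCG survives for order 1, 2 and 3.

```python
from collections import deque
from typing import Dict, List, Set, Tuple

# Constructed sample FCG (caller -> list of callees). Names are made up for this
# example; the two "Landroid/..." entries stand in for entries of the sensitive
# API list the paper takes from [7]. This is not an FCG produced by androguard.
SAMPLE_FCG: Dict[str, List[str]] = {
    "Lcom/app/Main;->onCreate": ["Lcom/app/Main;->init", "Lcom/app/Ui;->draw"],
    "Lcom/app/Main;->init": ["Lcom/app/Net;->sync"],
    "Lcom/app/Net;->sync": ["Lcom/app/Hidden;->run"],
    "Lcom/app/Hidden;->run": ["Landroid/telephony/SmsManager;->sendTextMessage",
                              "Lcom/app/Util;->log"],
    "Lcom/app/Ui;->draw": ["Lcom/app/Ui;->paint"],
    "Lcom/app/Ui;->paint": ["Landroid/location/LocationManager;->getLastKnownLocation"],
}

# Constructed stand-in for senAPIs in Algorithm 1.
SAMPLE_SENSITIVE_APIS: Set[str] = {
    "Landroid/telephony/SmsManager;->sendTextMessage",
    "Landroid/location/LocationManager;->getLastKnownLocation",
}


def all_nodes(fcg: Dict[str, List[str]]) -> Set[str]:
    """Every function that appears as a caller or as a callee."""
    return set(fcg) | {dst for dsts in fcg.values() for dst in dsts}


def to_undirected(fcg: Dict[str, List[str]]) -> Dict[str, Set[str]]:
    """toUndirected(): drop edge direction so that 'order' measures plain hop distance."""
    und: Dict[str, Set[str]] = {n: set() for n in all_nodes(fcg)}
    for src, dsts in fcg.items():
        for dst in dsts:
            und[src].add(dst)
            und[dst].add(src)
    return und


def get_nei_order(und: Dict[str, Set[str]], start: str, order: int) -> Set[str]:
    """getNeiOrder(): BFS, all nodes within 'order' hops of start (start included)."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        u = queue.popleft()
        if dist[u] == order:
            continue  # do not expand beyond the requested radius
        for v in und[u]:
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return set(dist)


def extract_sfcg(fcg: Dict[str, List[str]], sen_apis: Set[str], order: int
                 ) -> Tuple[Set[str], Set[Tuple[str, str]]]:
    """Algorithm 1: returns (N, E), the FCG subgraph induced around the sensitive APIs."""
    und = to_undirected(fcg)                                   # line 3
    apk_sapis = sorted(all_nodes(fcg) & sen_apis)              # line 4: sensitive APIs in this FCG
    n_set: Set[str] = set()
    for s_i in apk_sapis:                                      # lines 5-7
        n_set |= get_nei_order(und, s_i, order)
    edges: Set[Tuple[str, str]] = set()
    for src in n_set:                                          # lines 8-15
        for dst in fcg.get(src, []):                           # getDstNode(); leaves have no callees
            if dst in n_set:
                edges.add((src, dst))
    return n_set, edges                                        # line 16


def reduction(fcg: Dict[str, List[str]], sen_apis: Set[str], order: int
              ) -> Tuple[int, int, int, int]:
    """(FCG nodes, FCG edges, SFCG nodes, SFCG edges): how much the order prunes."""
    n_set, edges = extract_sfcg(fcg, sen_apis, order)
    fcg_edges = sum(len(dsts) for dsts in fcg.values())
    return len(all_nodes(fcg)), fcg_edges, len(n_set), len(edges)


if __name__ == "__main__":
    for order in (1, 2, 3):
        print("order", order, "->", reduction(SAMPLE_FCG, SAMPLE_SENSITIVE_APIS, order))
```

On this toy graph, order 1 keeps only the sensitive APIs and their direct callers, order 2 also keeps the callers' other callees (the UI chain and the hidden SMS chain stay disconnected from each other), and order 3 already reaches every node, which is the behaviour the paper's Sect. 4.2 discusses when it argues for order 2.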


Fig. 2 Extracting function semantic feature

Table 1 Four types of triads: 021D, 021C, 111U, 030T

Fig. 3 Distribution of sensitive API triad

3.3 Sensitive API triad features

We can analyse the SFCG as a social network, and an important feature of social networks is triads [33]. Triads refer to the relationship between three nodes in a social network, and there are 16 different structures. Malicious Android applications rely on sensitive APIs to achieve their attacks, so the triad structures of sensitive APIs will show different distributions. Based on this assumption, we randomly select 500 benign and 500 malicious apps from Androzoo [34] to extract the SFCG. We set the parameter "order" of the SFCG to 2, because we only explore the situation with edge connections between nodes.

We have selected four types of triads, as shown in Table 1. There are sensitive API nodes and non-sensitive API nodes in the SFCG. A triad is considered a sensitive API triad if it contains at least one sensitive API node, and a normal triad if it contains no sensitive API node, and we calculate the proportion of sensitive API triads among all triads of the same type. As shown in Fig. 3, the distribution of the four types of sensitive API triads differs significantly between benign and malicious applications. There are higher ratios of 021D and 021C for malicious applications than for benign applications, and higher ratios of 111U and 030T for benign applications than for malicious applications. Fig. 3 therefore shows that the sensitive API triad feature can capture some of the information implied by the graph structure.

For each node in the SFCG, we use T_f^τ to represent the ratio of each of the 4 kinds of triads for that node; T_f^τ is calculated by equation 3

T_f^{\tau} = \begin{cases} \dfrac{\varphi(f, \tau, SG)}{\delta(SG, \tau)} & \text{if } f \in senAPIs \\[6pt] 0 & \text{otherwise} \end{cases}   (3)

where τ represents the four triad types {021D, 021C, 111U, 030T}, δ(SG, τ) represents the total number of triads of type τ in the


sensitive function call graph SG, and φ(f, τ, SG) represents the number of triads of type τ that contain the sensitive API f in the sensitive function call graph SG.

The triad feature of each node is obtained by equation 4, and finally the feature of each SFCG node is obtained by concatenating the semantic feature E_f obtained by the Skip-gram model with the triad feature T_f.

T_f = \left[\, T_f^{021D} \;\; T_f^{021C} \;\; T_f^{111U} \;\; T_f^{030T} \,\right]   (4)

Fig. 4 Classification model
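As an added worked example of equations 3 and 4 (not code from the paper, and not using networkx), the following Python classifies every 3-node subset of a directed SFCG into the triad types of Table 1 and computes T_f for the sensitive nodes. The graph, its node names and the sensitive set are constructed for the example. One assumption is stated explicitly: the orientation conventions for 021D (A←B→C), 021C (A→B→C), 111U (A↔B→C) and 030T (A→B←C, A→C) follow the standard Holland–Leinhardt MAN triad census (the convention networkx's triadic census also uses), since Table 1's diagrams are not recoverable from the extraction.

```python
from itertools import combinations, permutations
from typing import Dict, Iterable, List, Set, Tuple

TRIAD_TYPES = ("021D", "021C", "111U", "030T")   # the four types of Table 1


def classify_triad(a: str, b: str, c: str, E: Set[Tuple[str, str]]) -> str:
    """MAN triad code of the unordered triple {a, b, c} (Holland-Leinhardt
    orientation convention, assumed here). Only the 021*, 111* and 030* codes are
    spelled out; every other structure is returned as 'other'."""
    nodes = (a, b, c)
    mutual = [(x, y) for x, y in combinations(nodes, 2) if (x, y) in E and (y, x) in E]
    asym = [(x, y) for x, y in permutations(nodes, 2) if (x, y) in E and (y, x) not in E]
    outdeg = {n: sum(1 for x, _ in asym if x == n) for n in nodes}
    indeg = {n: sum(1 for _, y in asym if y == n) for n in nodes}
    if not mutual and len(asym) == 2:
        if 2 in outdeg.values():
            return "021D"          # A<-B->C: one node sends both edges ("Down")
        if 2 in indeg.values():
            return "021U"          # A->B<-C: one node receives both edges ("Up")
        return "021C"              # A->B->C: a chain
    if len(mutual) == 1 and len(asym) == 1:
        (src, _), = asym
        # 111U: the single asymmetric edge leaves the mutual dyad (A<->B->C);
        # 111D: it enters the mutual dyad (A<->B<-C)
        return "111U" if src in mutual[0] else "111D"
    if not mutual and len(asym) == 3:
        return "030T" if 2 in outdeg.values() else "030C"   # transitive vs. 3-cycle
    return "other"


def sensitive_triad_features(nodes: Iterable[str], edges: Iterable[Tuple[str, str]],
                             sen_apis: Set[str]
                             ) -> Tuple[Dict[str, Tuple[float, ...]], Dict[str, int]]:
    """Eq. (3)/(4): T_f = (T_f^021D, T_f^021C, T_f^111U, T_f^030T) for every node,
    the zero vector for non-sensitive nodes. Also returns delta(SG, tau)."""
    nodes = list(nodes)
    E = set(edges)
    phi = {n: dict.fromkeys(TRIAD_TYPES, 0) for n in nodes}   # phi(f, tau, SG)
    delta = dict.fromkeys(TRIAD_TYPES, 0)                      # delta(SG, tau)
    for a, b, c in combinations(sorted(nodes), 3):
        tau = classify_triad(a, b, c, E)
        if tau in TRIAD_TYPES:
            delta[tau] += 1
            for n in (a, b, c):
                phi[n][tau] += 1
    T: Dict[str, Tuple[float, ...]] = {}
    for n in nodes:
        if n in sen_apis:
            T[n] = tuple(phi[n][t] / delta[t] if delta[t] else 0.0 for t in TRIAD_TYPES)
        else:
            T[n] = (0.0, 0.0, 0.0, 0.0)
    return T, delta


def node_feature(e_f: List[float], t_f: Tuple[float, ...]) -> List[float]:
    """Final node feature: E_f (Skip-gram embedding) concatenated with T_f."""
    return list(e_f) + list(t_f)


# Constructed toy SFCG: S1 and S2 play sensitive API nodes, n1..n8 ordinary
# functions; edges point from caller to callee. Made up for this example.
SAMPLE_NODES = ["S1", "S2", "n1", "n2", "n3", "n4", "n5", "n6", "n7", "n8"]
SAMPLE_EDGES = [("n1", "S1"), ("S2", "S1"), ("n1", "S2"),   # n1->S2->S1 plus n1->S1: 030T
                ("n2", "S1"), ("n3", "n2"), ("n2", "n3"),   # n3<->n2->S1: 111U
                ("S1", "n4"), ("S1", "n5"),                 # n4<-S1->n5: 021D
                ("n6", "n7"), ("n6", "n8")]                 # a 021D without sensitive node
SAMPLE_SENSITIVE = {"S1", "S2"}

if __name__ == "__main__":
    T, delta = sensitive_triad_features(SAMPLE_NODES, SAMPLE_EDGES, SAMPLE_SENSITIVE)
    print("delta(SG, tau):", delta)
    for n in ("S1", "S2", "n1"):
        print(n, T[n])
```

For this graph there are 2 triads of type 021D, 6 of type 021C, 1 of type 111U and 1 of type 030T; S1 sits in one of the two 021D triads and in every other counted triad, so T_S1 = (0.5, 1, 1, 1), while S2 only appears in two of the six chains and in the transitive triad, giving T_S2 = (0, 1/3, 0, 1). Non-sensitive nodes get the zero vector, exactly as the "otherwise" branch of equation 3 prescribes.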

3.4 GCN

After we extract the SFCG and the features of each node in the SFCG, we need to feed them into the classification model for training. Our classification model is inspired by [35,36]. As shown in Fig. 4, a GCN layer and a graph pooling layer are treated as one block, and the model consists of two identical blocks; the outputs of the two blocks are summed through the readout layer and finally go into the MLP for classification. As input to the GCN, the adjacency matrix A is first required as a representation of the SFCG structure, and then the feature matrix X consisting of the feature vectors of all nodes. For each layer l the output can be written as

H^{(l)} = \sigma\left(H^{(l-1)}, \tilde{A}\right), \quad \text{where } H^{0} = X   (5)

in which \tilde{A} = A + I, I is the identity matrix, \tilde{A} is the adjacency matrix with self-connections added, and σ is the activation function; we use ReLU as the activation function. Based on the spectral domain [37], the multi-layer graph convolution layer is as follows

H^{(l+1)} = \sigma\left(\tilde{D}^{-\frac{1}{2}} \tilde{A} \tilde{D}^{-\frac{1}{2}} H^{l} W^{l}\right)   (6)

\tilde{D}_{ii} = \sum_{j} \tilde{A}_{ij}   (7)

\tilde{D} is the degree matrix and W^l is the trainable weight matrix of layer l. For the pooling layer in the classification model we use SAGPool [35], a self-attention mechanism that focuses on the more important information and separates out the nodes that should be deleted. The SAGPool layer is shown in Fig. 5. The self-attention scores are calculated as follows

Z = \sigma\left(\tilde{D}^{-\frac{1}{2}} \tilde{A} \tilde{D}^{-\frac{1}{2}} X \theta_{att}\right)   (8)

θ_att is the only parameter of SAGPool. The pooling ratio k ∈ (0, 1) is a hyper-parameter that determines how many nodes are retained. The top kN nodes are selected based on the value of Z.

idx = \text{top-rank}(Z, kN), \quad Z_{mask} = Z_{idx}   (9)

X' = X_{idx,:}, \quad X_{out} = X' \odot Z_{mask}, \quad A_{out} = A_{idx,idx}   (10)

top-rank returns the indices of the top kN values after sorting. X' is the feature matrix after masking; it is multiplied with Z_mask to obtain the pooled feature matrix, and A_out is the adjacency matrix corresponding to the pooled feature matrix. Finally, the readout layer aggregates the node features to generate a fixed-size representation. The definition of the readout layer is shown in equation 11.

Fig. 5 SAGPool layer
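As an added illustration of equations 6 through 11 (this is not the paper's DGL model; it is pure Python written for this example), the following block computes the normalised adjacency \tilde{D}^{-1/2}\tilde{A}\tilde{D}^{-1/2}, one ReLU graph convolution, the SAGPool scoring, top-rank selection and masking of equations 8–10, and the mean‖max readout of equation 11 on a constructed 4-node graph. Two assumptions are made: the adjacency fed to the GCN is symmetrised (the paper does not say whether SFCG edge direction is kept), and the score activation in equation 8 is tanh as in SAGPool [35], since the paper only writes σ there. All feature values, weights and θ_att are made up.

```python
import math
from typing import List, Sequence, Tuple

Matrix = List[List[float]]


def matmul(A: Matrix, B: Matrix) -> Matrix:
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*B)] for row in A]


def normalised_adjacency(A: Matrix) -> Matrix:
    """Eqs. (6)-(7): D~^{-1/2} A~ D~^{-1/2} with A~ = A + I and D~_ii = sum_j A~_ij."""
    n = len(A)
    a_tilde = [[A[i][j] + (1.0 if i == j else 0.0) for j in range(n)] for i in range(n)]
    deg = [sum(row) for row in a_tilde]          # >= 1 for every node because of I
    return [[a_tilde[i][j] / math.sqrt(deg[i] * deg[j]) for j in range(n)]
            for i in range(n)]


def gcn_layer(a_hat: Matrix, H: Matrix, W: Matrix) -> Matrix:
    """Eq. (6): H^{(l+1)} = ReLU(A_hat H^{(l)} W^{(l)})."""
    return [[max(0.0, v) for v in row] for row in matmul(matmul(a_hat, H), W)]


def sagpool(A: Matrix, X: Matrix, theta_att: Sequence[float], k: float
            ) -> Tuple[List[int], Matrix, Matrix, List[float]]:
    """Eqs. (8)-(10). Returns (idx, X_out, A_out, Z)."""
    n = len(A)
    a_hat = normalised_adjacency(A)
    # Eq. (8): one score per node; tanh is SAGPool's choice [35] (assumption: the paper writes sigma)
    z = [math.tanh(row[0]) for row in matmul(matmul(a_hat, X), [[t] for t in theta_att])]
    keep = max(1, math.ceil(k * n))                                   # kN nodes retained
    idx = sorted(range(n), key=lambda i: z[i], reverse=True)[:keep]   # Eq. (9): top-rank
    x_out = [[x * z[i] for x in X[i]] for i in idx]                   # Eq. (10): X' (.) Z_mask
    a_out = [[A[i][j] for j in idx] for i in idx]                     # Eq. (10): A_{idx,idx}
    return idx, x_out, a_out, z


def readout(X: Matrix) -> List[float]:
    """Eq. (11): mean over nodes concatenated with max over nodes -> length 2F."""
    cols = list(zip(*X))
    return [sum(c) / len(c) for c in cols] + [max(c) for c in cols]


# Constructed toy SFCG: a 4-node path 0-1-2-3, symmetrised (assumption: undirected
# adjacency for the GCN); 2-d node features, weights and theta_att are made up.
SAMPLE_A: Matrix = [[0, 1, 0, 0], [1, 0, 1, 0], [0, 1, 0, 1], [0, 0, 1, 0]]
SAMPLE_X: Matrix = [[1.0, 0.0], [0.0, 1.0], [1.0, 1.0], [0.0, 0.0]]
SAMPLE_W: Matrix = [[1.0, -1.0], [1.0, 1.0]]
SAMPLE_THETA = [1.0, 1.0]


def run_one_block(A: Matrix = SAMPLE_A, X: Matrix = SAMPLE_X, W: Matrix = SAMPLE_W,
                  theta: Sequence[float] = SAMPLE_THETA, k: float = 0.5):
    """One GCN + SAGPool block followed by the readout (the paper's model stacks two)."""
    h1 = gcn_layer(normalised_adjacency(A), X, W)
    idx, x_pooled, a_pooled, _ = sagpool(A, h1, theta, k)
    return idx, a_pooled, readout(x_pooled)


if __name__ == "__main__":
    idx, a_pooled, s = run_one_block()
    print("kept nodes:", idx)
    print("pooled adjacency:", a_pooled)
    print("readout (mean || max):", s)
```

With k = 0.5 on the 4-node path, scoring the raw features with θ_att = (1, 1) ranks the two interior nodes highest (they have three non-zero entries in \tilde{A} against two for the end nodes), so top-rank keeps idx = [1, 2] and A_out collapses to the single edge between them; the readout of an F-dimensional pooled matrix always has length 2F, which is what the two fully connected layers then consume.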


Table 2 SFCGDroid's experimental environment

Environment   Description
Hardware      OS: Ubuntu 16.04
              CPU: 6 × E5-2680 v4
              RAM: 30 GB
              GPU: RTX 3060
Software      Androguard [30]: obtain the FCG
              Gensim [38]: obtain the E_f
              Networkx [39]: obtain the T_f
              DGL [40]: build the classification model

Table 3 Statistical information on the dataset

FCG           Benign    Malware
# samples     13463     13476
Avg # Nodes   23060     5738
Max # Nodes   66768     167714
Avg # Edges   50059     13052
Max # Edges   149650    429662

Table 4 Performance evaluation of different order

Order   Acc     P       R       F1
1       97.79   97.98   97.73   97.77
2       98.01   97.99   98.09   97.96
3       97.83   97.84   97.93   97.79

The float numbers in bold correspond to the best performance indicators in the table

s = \frac{1}{N} \sum_{i=1}^{N} x_i \;\Big\Vert\; \max_{i=1}^{N} x_i   (11)

Here N is the number of nodes after pooling and x_i is the feature vector of node i. Finally, the classification results are obtained by two fully connected layers.

4 Experiment

4.1 Experimental setup

The hardware devices used to implement SFCGDroid and the software packages used are shown in Table 2.

4.1.1 Dataset

We collected 26,939 apps, including 13,463 benign and 13,476 malicious samples. The benign samples came from Androzoo [34], each of which was scanned by VirusTotal [41] and considered benign if it passed all anti-virus engines; the malicious samples came from CICMalDroid2020 [42] and VirusShare [43]. All of the above samples could be decompiled successfully, and more detailed information is provided in Table 3.

4.1.2 Metrics

To evaluate the effectiveness of SFCGDroid, we used fivefold cross-validation, randomly dividing the dataset into five subsets of identical size, four of which were used for model training and the remaining one to validate the model, looping through the training five times. To quantify the performance of the classifier, we used the following metrics: accuracy (ACC), precision (P), recall (R) and F1 score.

4.2 SFCG order

To prove the effectiveness of the SFCG, we need to adjust the hyperparameter order used to generate the SFCG; different values generate SFCGs of different sizes. We set order to 1, 2 and 3. These values were chosen for two reasons. On the one hand, the sensitive API triad feature is limited by the fact that the maximum distance between nodes in a triad is 2. On the other hand, we do not set order to 4 because limited memory does not allow training. For the features we use the default settings of gensim, with a window size of 5 and a vector dimension of 100. The final experimental results for the different orders are presented in Table 4.

As shown there, even the worst order still achieves 97.79% accuracy and 97.77% F1 score, indicating that good performance can still be expected after reducing the FCG to generate the SFCG. This supports the claim that malware executes malicious behaviour through local sensitive API calls. We get the best performance with order set to 2, indicating that the behavioural information of the malware is best represented in the 2-order neighbourhood of the sensitive APIs.

4.3 Vector dimension

During the experiments, we found that different vector dimensions affect the final classification results. In order to achieve the best classification results, we set the word vector dimension of the features to between 50 and 100. The experimental results are shown in Fig. 6, proving the validity of the function word vector semantics, with the worst Acc reaching 97.67%. We observe that the vector dimension reaches the best performance at 60, with Acc reaching 98.04% and F1 reaching 97.99%.


Fig. 6 Performance evaluation of different vector dimension

Table 5 Performance evaluation of different feature sets

Feature     Dimension   Acc     P       R       F1
E_f         60          98.04   98.04   98.04   97.99
T_f         4           90.74   91.58   91.13   91.05
E_f + T_f   64          98.22   98.27   98.28   98.20

The float numbers in bold correspond to the best performance indicators in the table

Table 6 Results of different features on the ML/DL classifiers

Classifier   Features     Acc(%)   P(%)    R(%)    F1(%)
KNN-1        permission   93.86    93.04   94.96   93.99
             intent       93.50    95.58   91.20   93.44
             API          97.88    97.91   97.78   97.85
KNN-3        permission   96.45    97.90   95.03   96.44
             intent       94.50    98.33   90.56   94.28
             API          97.40    97.56   97.24   97.40
MLP          permission   96.77    98.37   95.21   96.75
             intent       94.91    99.21   90.53   94.67
             API          97.83    98.83   96.83   97.81
RF           permission   96.05    98.93   93.20   95.98
             intent       93.82    99.73   87.88   93.43
             API          95.77    93.70   98.13   95.87
SVM          permission   94.57    97.30   91.81   94.48
             intent       92.34    98.63   85.89   92.82
             API          96.19    94.80   97.74   96.25
SAGPool      Ours         98.22    98.27   98.28   98.20

The float numbers in bold correspond to the best performance indicators in the table

Table 7 Description of the different methods

Method         Year   Feature                         Classifier
Drebin         2014   APIs, permissions and intents   SVM
DeepMalDet     2017   Opcode sequence                 CNN
MalDetGCN      2021   Opcode group, API package       GraphSAGE
MalScan        2019   SAPI centrality                 KNN-1
NATICUSdroid   2021   Native and custom permissions   RF
SFCGDroid             Skip-gram, SAPI triad           SAGPool

Fig. 7 ROC curves for different feature

4.4 Comparison of different features

We compare the effects of the two kinds of features, as well as the effect of combining the two. For the function semantic feature, we choose 60 as its dimension. As shown in Table 5, the combination of the two features proved effective in improving the model's detection performance, probably because the sensitive API triad feature complements the function semantics with graph structure information.

Furthermore, according to Fig. 7, the combination of the two features has a high TPR and a low FPR, and the AUC is 0.999. Because the Skip-gram model captures the function semantic information of the node, and the triads capture the graph structure information of the sensitive API, combining the two types of features gives great performance.

Finally, we also compared different features on ML/DL classifiers. We selected three types of features: permissions, intents and APIs. Permissions are from [44], intents are from AndroDialysis [12] and APIs are from Pscout [45]. Our features refer to features of the graph nodes, not of the samples or the whole graph, so the features proposed by SFCGDroid cannot be used in the other classifiers. Table 6 shows that the method we used has better performance.

4.5 Comparison of different methods

We compared SFCGDroid on the same dataset with some other state-of-the-art methods and chose six representative malicious detection methods: Drebin [46], DeepMalDet [47], MalDetGCN [48], MalScan [49] and NATICUSdroid [50]. They were selected because these projects are open source or well documented, as shown in Table 7. The difference between these methods is that different sets of features are used. Drebin collects key information from


Table 8 Results of the comparison between SFCGDroid and other methods

Method         ACC(%)   P(%)    R(%)    F1(%)
Drebin         97.61    99.0    96.18   97.57
DeepMalDet     95.22    96.67   93.63   95.13
MalDetGCN      97.21    97.80   97.86   97.83
MalScan        98.17    98.13   98.21   98.17
NATICUSdroid   96.49    98.59   94.39   96.44
SFCGDroid      98.22    98.27   98.28   98.20

The float numbers in bold correspond to the best performance indicators in the table

AndroidManifest.xml as features, DeepMalDet uses opcode sequences as features, MalDetGCN selects opcode sets and API packages as features, NATICUSdroid uses native permissions and custom permissions as features, and MalScan uses social network centrality as features. The method most similar to our work is MalDetGCN, but the MalDetGCN features do not include semantic information.

Table 8 shows the detection results for the six methods. SFCGDroid reaches an accuracy rate of 98.22% and an F1 score as high as 98.20%. SFCGDroid achieves the highest recall of the six methods at the expense of some precision.

Acknowledgements We would like to thank the anonymous reviewers for their comments. This work was supported by the Autonomous Region Key R&D Project (2021B01002), the Key Program of the National Natural Science Foundation of China (U2003208), and Major science and technology projects in the autonomous region (2020A03004-4).

Data Availability The datasets analysed during the current study are available from the corresponding author on reasonable request.

Declarations

Conflict of interest The authors declare that they have no conflict of interest.

References

1. Kaspersky's report. https://securelist.com/mobile-malware-evolution-2021/105876. Accessed 21 Feb 2022
2. Zheng, M., Sun, M., Lui, J.C.: Droid analytics: a signature based analytic system to collect, extract, analyze and associate android malware. In: 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 163–171. IEEE (2013)
3. Saracino, A., Sgandurra, D., Dini, G., Martinelli, F.: Madam: effective and efficient behavior-based android malware detection and prevention. IEEE Trans. Dependable Secur. Comput. 15(1), 83–97
SFCGDroid rarely produces false negatives because malware (2016)
4. Zhang, H., Luo, S., Zhang, Y., Pan, L.: An efficient Android mal-
detection is all about detecting as much malware as possible ware detection system based on method-level behavioral semantic
to prevent it from accessing the application market. analysis. IEEE Access 7, 69246–69256 (2019)
5. Aafer, Y., Du, W., Yin, H.: Droidapiminer: mining api-level features
for robust malware detection in android. In: International Con-
5 Conclusion and future work ference on Security and Privacy in Communication Systems, pp.
86-103. Springer, Cham (2013)
6. Li, J., Sun, L., Yan, Q., Li, Z., Srisa-An, W., Ye, H.: Significant
This paper presents SFCGDroid to detect Android malware
permission identification for machine-learning-based android mal-
using GCN based on SFCG, extracting function semantics ware detection. IEEE Trans. Ind. Inform. 14(7), 3216–3225 (2018)
and sensitive API triad features. By identifying sensitive APIs 7. Gong, L., Li, Z., Qian, F., Zhang, Z., Chen, Q.A., Qian, Z., Liu, Y.:
and extracting the SFCG based on FCG, Skip-gram gets the Experiences of landing machine learning onto market-scale mobile
malware detection. In: Proceedings of the Fifteenth European Con-
semantic information of each node in the graph and treats the
ference on Computer Systems, pp. 1–14 (2020)
SFCG as a social network to obtain the proportion of sensi- 8. Ye, G., Zhang, J., Li, H., Tang, Z., Lv, T.: Android malware
tive API triads. We use a GCN model that operates directly detection technology based on lightweight convolutional neural
on the graph to learn the features of each node and eventually networks. Secur. Commun. Netw. (2022). https://doi.org/10.1155/
2022/8893764
turn the malware classification task into a graph classification 9. Karbab, E.B., Debbabi, M.: PetaDroid: adaptive android malware
task. detection using deep learning. In: International Conference on
Experiments show that our method achieves 98.22%, out- Detection of Intrusions and Malware and Vulnerability Assess-
performing other state-of-the-art detection methods. How- ment, pp. 319–340. Springer, Cham (2021)
10. Grace, M.C., Zhou, Y., Wang, Z., Jiang, X.: Systematic detection of
ever, our method relies on the selection of sensitive APIs, capability leaks in stock android smartphones. NDSS 14, 19 (2012)
which are affected by different Android versions, thus affect- 11. Damodaran, A., Troia, F.D., Visaggio, C.A., Austin, T.H., Stamp,
ing the final detection results, and generating SFCG is M.: A comparison of static, dynamic, and hybrid analysis for mal-
affected by third-party libraries, with some malicious third- ware detection. J. Comput. Virol. Hacking Tech. 13(1), 1–12 (2017)
12. Feizollah, A., Anuar, N.B., Salleh, R., Suarez-Tangil, G., Furnell,
party libraries being the source of malware. Therefore, in S.: Androdialysis: analysis of android intent effectiveness in mal-
future research, we will optimise the method of generat- ware detection. Comput. Secur. 65, 121–134 (2017)
ing SFCG and explore the impact of third-party libraries on 13. Chavan, N., Di Troia, F., Stamp, M.: A comparative analysis of
Android software. Consider some new features to represent android malware (2019). arXiv preprint arXiv:1904.00735
14. Mariconti, E., Onwuzurike, L., Andriotis, P., De Cristofaro, E.,
the information embedded in the nodes, such as using per- Ross, G., Stringhini, G. Mamadroid: Detecting android malware by
missions to improve our approach to achieve better detection building markov chains of behavioral models (2016). arXiv preprint
results. arXiv:1612.04433

15. Sasidharan, S.K., Thomas, C.: ProDroid: an android malware detection framework based on profile hidden Markov model. Pervasive Mobile Comput. 72, 101336 (2021)
16. Bakour, K., Ünver, H.M.: DeepVisDroid: android malware detection by hybridizing image-based features with deep learning techniques. Neural Comput. Appl. 33(18), 11499–11516 (2021)
17. Ünver, H.M., Bakour, K.: Android malware detection based on image-based features and machine learning techniques. SN Appl. Sci. 2(7), 1–15 (2020)
18. Fan, M., Liu, J., Wang, W., Li, H., Tian, Z., Liu, T.: Dapasa: detecting android piggybacked apps through sensitive subgraph analysis. IEEE Trans. Inf. Forensics Secur. 12(8), 1772–1785 (2017)
19. Gascon, H., Yamaguchi, F., Arp, D., Rieck, K.: Structural detection of android malware using embedded call graphs. In: Proceedings of the 2013 ACM Workshop on Artificial Intelligence and Security, pp. 45–54 (2013)
20. Xu, Z., Ren, K., Qin, S., Craciun, F.: CDGDroid: android malware detection based on deep learning using CFG and DFG. In: International Conference on Formal Engineering Methods, pp. 177–193. Springer, Cham (2018)
21. Gao, H., Cheng, S., Zhang, W.: GDroid: android malware detection and classification with graph convolutional network. Comput. Secur. 106, 102264 (2021)
22. Pei, X., Yu, L., Tian, S.: AMalNet: a deep learning framework based on graph convolutional networks for malware detection. Comput. Secur. 93, 101792 (2020)
23. Ou, F., Xu, J.: S3Feature: a static sensitive subgraph-based feature for android malware detection. Comput. Secur. 112, 102513 (2022)
24. Xiao, X., Zhang, S., Mercaldo, F., Hu, G., Sangaiah, A.K.: Android malware detection based on system call sequences and LSTM. Multimed. Tools Appl. 78(4), 3979–3999 (2019)
25. Feng, P., Ma, J., Sun, C., Xu, X., Ma, Y.: A novel dynamic Android malware detection system with ensemble learning. IEEE Access 6, 30996–31011 (2018)
26. Surendran, R., Thomas, T., Emmanuel, S.: A TAN based hybrid model for android malware detection. J. Inf. Secur. Appl. 54, 102483 (2020)
27. Arora, A., Peddoju, S.K.: NTPDroid: a hybrid android malware detector using network traffic and system permissions. In: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), pp. 808–813. IEEE (2018)
28. Alzaylaee, M.K., Yerima, S.Y., Sezer, S.: DL-Droid: deep learning based android malware detection using real devices. Comput. Secur. 89, 101663 (2020)
29. Apktool. https://ibotpeaches.github.io/Apktool. Accessed 26 Feb 2022
30. Androguard. https://github.com/androguard/androguard. Accessed 18 Feb 2019
31. Mikolov, T., Sutskever, I., Chen, K., Corrado, G.S., Dean, J.: Distributed representations of words and phrases and their compositionality. In: Advances in Neural Information Processing Systems, vol. 26 (2013)
32. Mikolov, T., Chen, K., Corrado, G., Dean, J.: Efficient estimation of word representations in vector space (2013). arXiv preprint arXiv:1301.3781
33. Batagelj, V., Mrvar, A.: A subquadratic triad census algorithm for large sparse networks with small maximum degree. Soc. Netw. 23(3), 237–243 (2001)
34. Allix, K., Bissyandé, T.F., Klein, J., Le Traon, Y.: Androzoo: collecting millions of android apps for the research community. In: 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR), pp. 468–471. IEEE (2016)
35. Lee, J., Lee, I., Kang, J.: Self-attention graph pooling. In: International Conference on Machine Learning, pp. 3734–3743. PMLR (2019)
36. Cangea, C., Veličković, P., Jovanović, N., Kipf, T., Liò, P.: Towards sparse hierarchical graph classifiers (2018). arXiv preprint arXiv:1811.01287
37. Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks (2016). arXiv preprint arXiv:1609.02907
38. Rehurek, R., Sojka, P.: Software framework for topic modelling with large corpora. In: Proceedings of the LREC 2010 Workshop on New Challenges for NLP Frameworks (2010)
39. Hagberg, A., Schult, D., Swart, P.: Exploring network structure, dynamics, and function using networkX. In: Varoquaux, G., Vaught, T., Millman, J. (eds.) Proceedings of the 7th Python in Science Conference (SciPy 2008), pp. 11–15 (2008)
40. Wang, M., Zheng, D., Ye, Z., Gan, Q., Li, M., Song, X., Zhang, Z.: Deep graph library: a graph-centric, highly-performant package for graph neural networks (2019). arXiv preprint arXiv:1909.01315
41. Ood, G.: Virustotal: R Client for the virustotal API. R package version 0.2.1 (2017)
42. Mahdavifar, S., Kadir, A.F.A., Fatemi, R., Alhadidi, D., Ghorbani, A.A.: Dynamic android malware category classification using semi-supervised deep learning. In: 2020 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing, International Conference on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp. 515–522. IEEE (2020)
43. VirusShare. https://virusshare.com. Accessed November 2019
44. Wang, W., Wang, X., Feng, D., Liu, J., Han, Z., Zhang, X.: Exploring permission-induced risk in android applications for malicious application detection. IEEE Trans. Inf. Forensics Secur. 9(11), 1869–1882 (2014)
45. Au, K.W.Y., Zhou, Y.F., Huang, Z., Lie, D.: Pscout: analyzing the android permission specification. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 217–228 (2012)
46. Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.E.R.T.: Drebin: effective and explainable detection of android malware in your pocket. NDSS 14, 23–26 (2014)
47. McLaughlin, N., Martinez del Rincon, J., Kang, B., Yerima, S., Miller, P., Sezer, S., Joon Ahn, G.: Deep android malware detection. In: Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy, pp. 301–308 (2017)
48. Vinayaka, K.V., Jaidhar, C.D.: Android malware detection using function call graph with graph convolutional networks. In: 2021 2nd International Conference on Secure Cyber Computing and Communications (ICSCCC), pp. 279–287. IEEE (2021)
49. Wu, Y., Li, X., Zou, D., Yang, W., Zhang, X., Jin, H.: Malscan: fast market-wide mobile malware scanning by social-network centrality analysis. In: 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 139–150. IEEE (2019)
50. Mathur, A., Podila, L.M., Kulkarni, K., Niyaz, Q., Javaid, A.Y.: NATICUSdroid: a malware detection framework for android using native and custom permissions. J. Inf. Secur. Appl. 58, 102696 (2021)

Publisher's Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
