Table 1 Various malware detection / classification methods in previous works

Detection on mobile device

Permission

Permission

Enck et al. (2009) and Pearce et al. (2012)

Footprint

System resources

Shabtai and Elovici (2010) and Bugiel et al. (2012)

Taint tracing

Enck et al. (2010)

Event log, system call

Bose et al. (2008)

Detection outside mobile device

Permission

Permission

Peng et al. (2012)

Footprint

System call, disassembled code

Blasing et al. (2010)

System call, interaction log

Reina et al. (2013)

System/API call, taint tracing

Rastogi et al. (2013)

Permission + footprint

Permission, API call

Yang et al. (2012)

Permission, API call, XML information

Grace et al. (2012), Wu et al. (2012) and Arp et al. (2014)

Permission, API call, system call, XML information, disassembled code

Yan and Yin (2012), Zhou et al. (2012), Spreitzenbarth et al. (2013), Weichselbaum et al. (2014) and Vidas et al. (2014)

Hybrid

Footprint

System call

Burguera et al. (2011) and Isohara et al. (2011)

Function call

Schmidt et al. (2009)

Permission + footprint

Certificate, permission, disassembled code, XML information

Jang et al. (2015) and Kang et al. (2015)