**5. Statistical analysis**

This section presents a statistical study to show the frequency of the used approaches, methods, datasets, and tools in the current systems. Various, related, recent, published solutions in 2017–2018 were considered in this study.

In regard to reverse engineering tools utilized by researchers, APKtool was heavily used by 54% in comparison with other tools (see **Figure 4**). Soot was next with 20% of usage.

**55**

**Figure 6.**

**Figure 5.**

**Figure 5** shows a comparison among the static tools which were utilized by researchers. It can be observed that 48% of the static-based systems used FlowDroid tool in their solutions. PScout was the second most used with percentage reaching around 28%. Dynamic analysis tool usage is illustrated in **Figure 6**. The majority of existing solutions used Droidbox with 27% and TaintDroid with 24% in comparison with

The results in **Figure 7** reveal that AndroZoo was the most used dataset in 2017–2018. The percentage of usage reached 43%. Genome and DREBIN datasets

other approaches. The rest of the results are shown in **Figure 6**.

came next with frequencies 30 and 16%, respectively.

*Dynamic tool frequency in 2017–2018 research work.*

*Android Application Security Scanning Process DOI: http://dx.doi.org/10.5772/intechopen.86661*

*Static tool frequency in 2017–2018 research work.*

**Figure 4.** *Reverse engineering tool usage in 2017–2018 research.*

There have been many types of research on designing malicious detection approaches. Such approaches resort to static analysis of the malware, and others use dynamic analysis, while some methods utilize both static and dynamic analyses to get better detection of a malicious incident. Moreover, the generated datasets will be analyzed in order to detect any potential security threats, regardless whether these datasets were constructed based on static or dynamic tests or even both. Usually, data mining techniques could be used for the purpose of detecting and classifying attacks [42, 52]. Moreover, intelligence techniques could be utilized to even rank the risk by assigning the attack a risk

The scanning service might fruit in developing a mobile application that is installed on user's devices to examine the Android application and discriminate, if it is a clean app or a malicious app to warn the user and protect her/his Android device. DREBIN [87] is one of the malware detection systems available for smartphones. One of the major features that DREBIN provides is instantaneous malware detection. When a new application is downloaded, DREBIN starts the analyzing process directly. As a result, the user is protected against any unreliable sources. Another example of anti-malware software is HinDroid [88] which has been integrated as one of Comodo's mobile security scanning tools. HinDroid structures the APIs based on heterogeneous information network in order to make predictions about the tested application. Consequently, HinDroid can reduce the time and cost

This section presents a statistical study to show the frequency of the used approaches, methods, datasets, and tools in the current systems. Various, related,

In regard to reverse engineering tools utilized by researchers, APKtool was heavily used by 54% in comparison with other tools (see **Figure 4**). Soot was next with

recent, published solutions in 2017–2018 were considered in this study.

**54**

**Figure 4.**

*Reverse engineering tool usage in 2017–2018 research.*

score [42, 86].

of analyzing Android apps.

**5. Statistical analysis**

20% of usage.

**Figure 5.** *Static tool frequency in 2017–2018 research work.*

**Figure 6.** *Dynamic tool frequency in 2017–2018 research work.*

**Figure 5** shows a comparison among the static tools which were utilized by researchers. It can be observed that 48% of the static-based systems used FlowDroid tool in their solutions. PScout was the second most used with percentage reaching around 28%.

Dynamic analysis tool usage is illustrated in **Figure 6**. The majority of existing solutions used Droidbox with 27% and TaintDroid with 24% in comparison with other approaches. The rest of the results are shown in **Figure 6**.

The results in **Figure 7** reveal that AndroZoo was the most used dataset in 2017–2018. The percentage of usage reached 43%. Genome and DREBIN datasets came next with frequencies 30 and 16%, respectively.

**Figure 7.** *Dataset frequency in 2017–2018 research work.*
