Social Science and Humanities Journal SSHJ 2018, VOL-2, ISSUE-10, Page no. 624-633 Page 624 http://sshj.in/index.php/sshj / Research Article Malware Analysis on Android Apps: A Permission-Based Approach Ariel O. Gamao Abstract:-The use of Android devices nowadays is almost inevitable. Having been able to get a big slice of the mobile operating systems, Android has become a wide target for malware attacks. Malware detection analysis in this study is done to contribute to the many various ways in doing the malware analysis using classification algorithm using Random Forest and Naive Bayesian. This study used a static method of analyzing and detecting malware applications through the permission requests made by each Android application as analyzed by Virus Total website. This study utilized fifty actual Android samples down- loaded from the Internet in which the samples were composed of twenty-five benign apps and twenty-five malware applications. Keywords:-Classification algorithm, static method, permission requests, online validation, data collection, benign applications and malware applications I. INTRODUCTION Today, users communicate each other and share things on unknown networks without knowing of the risks pertaining to their privacy, confidentiality and accessibility of information in the global world of mobile technology. Android platform is the most popular mobile operating system among the other users of Android devices, its open and dynamic environment allows a large community of developers to upload and download applications. Such extensive usage makes it an easy target for attack and misuse. An pernicious application might steal those private information of users and upload it to a specific server, which will be a risk with user’s security [1]. In the Android environment, access permission is essential of an application, without which no installed apps can its worth when not granted with certain access permissions. Each android app declares its permissions during the installation phase. Android allows each app to function on operations based on its access grants as declared. However, no matter how fulfilling this may seem, it might have some flaws. Using the permissions an app is performing those operations in background which we would not have permitted it to do voluntarily. For example, a gaming app requests permissions to read contacts; and access the Internet, then there is a possibility that the said app reads the devices contact and send the data to third party servers over internet for whatever purpose. So, if the app requests for to send SMS messages, This Might permit the app to send message around as if the user sends it and eventually charge the owner on his phone billing[2]. Most of the Android malware detection approaches are concentrated on superficial features such as requested or used permissions, which can’t reflect the essential differences between benign apps and malware. However, a quantitative computation model of the application risks-based on the key observation that the essential differences between benign apps and malware actually depends on the manner how those permissions were being used, or rather the way how those corresponding permission methods are used[3]. Recently, according to the IDC in 2017, phone companies shipped a total of 344.3 million smartphones worldwide in the first quarter of 2017. With the impressive market share and a great number of users worldwide, Android has become a center stage for malicious apps that attack valuable information in personal devices [4]. Malwares can cause a serious threat to Android users anywhere in the world. Studies show that more than 70 percent of smart phone apps request additional permissions