Android devices provide opportunities for users to install third-party applications through various online markets. This brings security and privacy concerns to the users since thirdparty applications may pose serious threats. The exponential growth and diversity of these applications render conventional defenses ineffective, thus, Android smartphones often remain unprotected from novel malware. In this work, we present XDroid, an Android app and resource risk assessment framework using hidden

more »

... arkov model. In this framework, we first map the applications' behaviors into an observation set, and we introduce a novel approach to attach timestamp to some observations to improve the accuracy of the model. We show that our HMM can be utilized to generates risk alerts to users when suspicious behaviors are found. Furthermore, an online learning model is introduced to enable the integration of the input from users and provide adaptive risk assessment to meet user's preferences. We evaluate our model through a set of experiments on a benchmark malware dataset DREBIN. Our experimental results demonstrate that the proposed model can assess malicious apps risk-levels with high accuracy. It also provide adaptive risk assessment based on input from users.