Azhar M.A.Saudi M.M.Ahmad A.Abu Bakar A.2024-05-282024-05-2820191865792310.3991/IJIM.V13I04.105212-s2.0-85070420230https://www.scopus.com/inward/record.uri?eid=2-s2.0-85070420230&doi=10.3991%2fIJIM.V13I04.10521&partnerID=40&md5=0542bf21cdb235d8ea6ab264ab980080https://oarep.usim.edu.my/handle/123456789/8743Internet users all over the world are highly exposed to social media exploitation, where they are vulnerable to be targeted by this cyber-attack. Furthermore, excessive use of social media leads to Internet Addiction Disorder (IAD). Fortunately, social media exploitation and IAD can be monitored and controlled closely based on user's mobile phone surveillance features which are camera, SMS, audio, geolocation (GPS) and call log. Hence to overcome these challenges, this paper presents five (5) Application Programming Interfaces (APIs) and four (4) permissions for SMS and camera that are mostly and widely used with the social media applications. These 9 APIs and permissions matched with 2.7% of the APIs and permissions training dataset that are related with SMS and camera. This experiment was conducted by using hybrid analysis, which inclusive of static analysis and dynamic analysis, with 1926 training dataset from Brunswick. These 9 APIs and permissions, if being misused by the attacker, could lead to privacy concerns of a mobile device. The finding from this paper can be used as a guidance and reference for the formation of new mobile malware detection technique and modeling in future.en-USAPICameraMobile malwaresMobile phone surveillance featurePermissionSMSSocial media exploitationArticle6178134