Hashim H.A.-B.Saudi M.M.Basir N.2024-05-292024-05-2920171936661210.1166/asl.2017.73662-s2.0-85027849164https://www.scopus.com/inward/record.uri?eid=2-s2.0-85027849164&doi=10.1166%2fasl.2017.7366&partnerID=40&md5=9c2ad5d80d8ea80a1ee360dc4d937c92https://oarep.usim.edu.my/handle/123456789/9744Android has dominated the smartphone market share with 82.8% compared to other platforms such as iOS, Windows, Blackberry OS and others in the world. This growth makes the android being most targeted by mobile malwares. There are many ways to infect users with malicious applications such as by uploading the infected apps at the third party store, repackaged application and drive-by-download. This paper presents the commonly and widely used of permissions and APIs by the mobile botnet to exploit the smartphones. Experiment has been conducted in a controlled lab environment and by doing static analysis and reverse engineered the apps source code. The identified permissions and APIs in this experiment are crucial prior forming the mobile botnet detection model. � 2017 American Scientific Publishers All rights reserved.en-USAndroidAndroid permissions API callsMobile botnet detectionStatic analysisAndroid botnet features for detection mechanismArticle53145317236