Journal of Data Processing Aswini, A M, Vinod P 6 1 2016 The purpose of this paper is to statically analyze the android application package files to detect zero-day attacks. The methodology deals with attribute extraction using dissemblers, feature reduction by sparse feature elimination, feature selection and ranking by implementing various feature selection techniques, aggregation of attribute categories followed by classification and prediction. Feature selection techniques such as Bi-Normal separation (BNS), Mutual Information (MI), Feature to class correlation (F-CC), Feature to feature correlation (F-FC), combination of feature to class and feature to feature correlation (FCFF), Comprehensive measurement feature selection (CMFS) and Optimal orthogonal centroid feature selection (OCFS) are implemented to choose the significant attributes. Prominent features of five different attribute categories like permissions, count of permissions, hardware features, software features as well as API calls from 1175 application packages are extracted to generate the classification model. Attribute aggregation is performed to build the ensemble model. The intention of this framework is to evaluate the effectiveness of ensemble features with respect to individual features; find out the best feature selection method with fewer feature length and classification algorithm. The framework developed here by implementing dimensionality reduction and machine learning algorithms depicts an overall classification accuracy of 93.02% using ensemble features. Evaluating the performance of ensemble model with independent model, the former provides better results with Bi-Normal separation.