Considering　the　resource　limitations　of　mobile　terminals,　such　as　memory　capacity　and　battery　power,　it　will　take　a　large　portion　of　resources　if　the　complex　malicious　detection　system　is　implemented　in　mobile　terminals.　We　proposed　the　training　part　to　be　implemented　on　the　backend　server　and　the　detecting　part　to　be　implemented　on　the　mobile　terminals.　In　addition,　we　apply　permission　information　to　the　applications　installed　on　the　terminals,　because　permission　mechanism　controls　the　applications＇　accesses　to　sensitive　information.　In　our　method,　we　first　employ　apriori　algorithm　to　define　the　permission　combinations　to　be　the　initial　feature　and　calculate　the　threat　level　of　permission　based　on　the　relative　deviation　distances.　The　distances　are　then　used　as　weights　to　the　classification　algorithm.　In　the　process,　we　apply　an　integrated　feature　selection　approach　based　on　the　principle　of　self-learning　to　extract　important　features　to　form　the　feature　set.　Finally,　the　minimum　risk　Bayes　algorithm　is　introduced　to　classify　unknown　applications.　The　experimental　results　show　that　our　method　is　effective　on　imbalanced　datasets.　Copyright　©　2015　Inderscience　Enterprises　Ltd.