The invention discloses a sensitive subgraph based on malicious android software re-packaging detection method. The sensitive subgraph based on malicious android software re-packaging detection method includes the steps that sensitive API weighting calculation is performed, sensitive subgraph establishment is performed based on an android program static function call network, then five different structure characteristics are established by utilizing the difference of sensitive API call structures of sensitive subgraphs in benign programs and malicious re-packaging programs, finally a characteristic space is established for a sample set, analysis and detection are performed by utilizing a machine learning method, and accordingly detection of the malicious re-packaging programs is achieved. A sensitivity coefficient calculation method TF-IDF-like is provided based on text vocabulary weighing detection TF-IDF, the method makes sensitive function coefficient calculation only limited to usage distribution of a function themselves in a malicious data set no longer but combine with usage distribution of the sensitive function in a benign data set, and accordingly false detection alarms caused by higher sensitivity coefficients due to the fact that a part of sensitivity functions in a malicious data set and a benign data set are simultaneously called in quantity are decreased.