Android has been a constant target of cybercriminals that try to attack one of the most used operating systems, commonly using malicious applications (denominated malwares). The present invention uses a lightweight and non-invasive approach to detect malware in the Android system. The method employs a set of specific-type detectors in which each one performs a multi-stage analysis, based on rules and machine learning techniques, in different phases of the application cycle. The invention includes a process to obtain application's characteristics that does not infringe licenses and terms of use of applications; a more efficient process to classify applications on Android devices that requires less processing power; and, finally, by using different detection phases that employ distinct sets of characteristics obtained from the application, the present invention can outperform the detection performance of techniques of the prior-art and reduce the number of misclassified samples.