research-article

Android Malware Detection Using Category-Based Machine Learning Classifiers

Authors:

Huda Ali Alatwi,

Tae Oh,

Ernest Fokoue,

Bill StackpoleAuthors Info & Claims

SIGITE '16: Proceedings of the 17th Annual Conference on Information Technology Education

Pages 54 - 59

https://doi.org/10.1145/2978192.2978218

Published: 28 September 2016 Publication History

Get Access

Abstract

Android malware growth has been increasing dramatically as well as the diversity and complicity of their developing techniques. Machine learning techniques have been applied to detect malware by modeling patterns of static features and dynamic behaviors of malware. The accuracy rates of the machine learning classifiers differ depending on the quality of the features. We increase the quality of the features by relating between the apps' features and the features that are required to deliver its category's functionality. To measure the benign app references, the features of the top rated apps in a specific category are utilized to train a malware detection classifier for that given category. Android apps stores such as Google Play organize apps into different categories. Each category has its distinct functionalities which means the apps under a specific category are similar in their static and dynamic features. In other words, benign apps under a certain category tend to share a common set of features. On the contrary, malicious apps tend to have abnormal features, which are uncommon for the category that they belong to. This paper proposes category-based machine learning classifiers to enhance the performance of classification models at detecting malicious apps under a certain category. The intensive machine learning experiments proved that category-based classifiers report a remarkable higher average performance compared to non-category based.

References

[1]

Smartphone OS Market Share, 2015 Q2. (August 2015). Retrieved December 19, 2015 from http://www.idc.com/prodserv/smartphone-os-market-share.jsp.

Google Scholar

[2]

Alistair Barr. 2015. Google Says Android Has 1.4 Billion Active Users. (September 2015). Retrieved December 19, 2015 from http://www.wsj.com/articles/google-says-android-has-1--4-billion-active-users-1443546856.

Google Scholar

[3]

Gordon Kelly . 2014. Report: 97% of mobile malware is on android. (March 2014). Retrieved December 19, 2015 from http://www.forbes.com/sites/gordonkelly/2014/03/24/report-97-of-mobile-malware-is-on-android-this-is-the-easy-way-you-stay-safe/#4372bd817d53.

Google Scholar

[4]

McAfee's Consumer Mobile Security Report. (February 2014). Retrieved December 19, 2015 from http://www.mcafee.com/us/resources/reports/rp-mobile-security-consumer-trends.pdf.

Google Scholar

[5]

Arp, D., Spreitzenbarth, M., Hübner, M., Gascon, H., Rieck, K., andSiemens, C. (2014). Drebin: Effective and explainable detection of android malware in your pocket. In Proc. of NDSS.

Crossref

Google Scholar

[6]

Wu, D.-J., Mao, C.-H., Wei, T.-E., Lee, H.-M., and Wu, K.-P. (2012). Droidmat: Android malware detection through manifest and api callstracing. In Information Security (Asia JCIS), 2012 Seventh Asia JointConference on, pages 62--69. IEEE.

Digital Library

Google Scholar

[7]

Sanz, B., Santos, I., Laorden, C., Ugarte-Pedrero, X., and Bringas, P. G.(2012). On the automatic categorisation of android applications. In Consumer Communications and Networking Conference (CCNC),2012 IEEE, pages 149--153. IEEE.

Google Scholar

[8]

Sahs, J. and Khan, L. (2012). A machine learning approach to android malware detection. In Intelligence and Security Informatics Conference (EISIC),2012 European, pages 141--147. IEEE.

Digital Library

Google Scholar

[9]

Chan, P. P. K. and Song, W. (2014). Static detection of Android malware by using permissions and API calls. In International Conference on Machine Learning and Cybernetics,2014 Lanzhou, pages 82--87. IEEE.

Crossref

Google Scholar

[10]

Idrees, F. and Rajarajan, M. (2014). Investigating the android intents and permissions for malware detection. In 10th International Conference on Wireless and Mobile Computing, Networking and Communications,2014 Larnaca, pages 354--358. IEEE.

Crossref

Google Scholar

[11]

S. Y. Yerima and S. Sezer and G. McWilliams and I. Muttik (2013). A New Android Malware Detection Approach Using Bayesian Classification. In Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference on,2013 Barcelona, pages 121--128. IEEE.

Digital Library

Google Scholar

Cited By

View all

Sharma TKechagia MGeorgiou STiwari RVats IMoazen HSarro F(2024)A survey on machine learning techniques applied to source codeJournal of Systems and Software10.1016/j.jss.2023.111934209:COnline publication date: 14-Mar-2024
https://dl.acm.org/doi/10.1016/j.jss.2023.111934
Keyvanpour MBarani Shirzad MHeydarian F(2023)Android malware detection applying feature selection techniques and machine learningMultimedia Tools and Applications10.1007/s11042-022-13767-282:6(9517-9531)Online publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1007/s11042-022-13767-2
S JR K(2022)A state-of-the-art Analysis of Android Malware Detection Methods2022 6th International Conference on Trends in Electronics and Informatics (ICOEI)10.1109/ICOEI53556.2022.9777170(851-855)Online publication date: 28-Apr-2022
https://doi.org/10.1109/ICOEI53556.2022.9777170
Show More Cited By

Index Terms

Android Malware Detection Using Category-Based Machine Learning Classifiers
1. Security and privacy
  1. Intrusion/anomaly detection and malware mitigation
    1. Malware and its mitigation
  2. Software and application security
    1. Software security engineering
2. Social and professional topics
  1. Computing / technology policy
    1. Intellectual property
      1. Software reverse engineering

Recommendations

Application of Machine Learning Algorithms for Android Malware Detection
CIIS '18: Proceedings of the 2018 International Conference on Computational Intelligence and Intelligent Systems

As the popularity of Android smart devises increases, the battle of alleviating Android malware has been considered as a crucial activity with the advent of new attacks including progressively complicated evasion techniques, consequently entailing more ...
Evaluating Machine Learning Models for Android Malware Detection: A Comparison Study
ICNCC '18: Proceedings of the 2018 VII International Conference on Network, Communication and Computing

Android is the most popular mobile operating system having billions of active users worldwide that attracted advertisers, hackers, and cybercriminals to develop malware for various purposes. In recent years, wide-ranging researches have been conducted ...
Dynamic Permissions based Android Malware Detection using Machine Learning Techniques
ISEC '17: Proceedings of the 10th Innovations in Software Engineering Conference

Android is by far the most widely used mobile phone operating system around. However, Android based applications are highly vulnerable to various types of malware attacks attributed to their open nature and high popularity in the market. The fault lies ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SIGITE '16: Proceedings of the 17th Annual Conference on Information Technology Education

September 2016

188 pages

ISBN:9781450344524

DOI:10.1145/2978192

Conference Chair:
Deborah Boisvert
University of Massachusetts Boston, USA
,
Program Chair:
Stephen Zilora
Rochester Institute of Technology, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 September 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGITE/RIIT 2016

Sponsor:

SIGITE

SIGITE/RIIT 2016: The 17th Annual Conference on Information Technology Education and the 5th Annual Conference on Research in Information Technology

September 28 - October 1, 2016

Massachusetts, Boston, USA

Acceptance Rates

SIGITE '16 Paper Acceptance Rate 26 of 67 submissions, 39%;

Overall Acceptance Rate 176 of 429 submissions, 41%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
474
Total Downloads

Downloads (Last 12 months)11
Downloads (Last 6 weeks)4

Reflects downloads up to 10 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sharma TKechagia MGeorgiou STiwari RVats IMoazen HSarro F(2024)A survey on machine learning techniques applied to source codeJournal of Systems and Software10.1016/j.jss.2023.111934209:COnline publication date: 14-Mar-2024
https://dl.acm.org/doi/10.1016/j.jss.2023.111934
Keyvanpour MBarani Shirzad MHeydarian F(2023)Android malware detection applying feature selection techniques and machine learningMultimedia Tools and Applications10.1007/s11042-022-13767-282:6(9517-9531)Online publication date: 1-Mar-2023
https://dl.acm.org/doi/10.1007/s11042-022-13767-2
S JR K(2022)A state-of-the-art Analysis of Android Malware Detection Methods2022 6th International Conference on Trends in Electronics and Informatics (ICOEI)10.1109/ICOEI53556.2022.9777170(851-855)Online publication date: 28-Apr-2022
https://doi.org/10.1109/ICOEI53556.2022.9777170
Ali Alatwi HMorisset C(2022)Threat Modeling for Machine Learning-Based Network Intrusion Detection Systems2022 IEEE International Conference on Big Data (Big Data)10.1109/BigData55660.2022.10020368(4226-4235)Online publication date: 17-Dec-2022
https://doi.org/10.1109/BigData55660.2022.10020368
Urooj BShah MMaple CAbbasi MRiasat S(2022)Malware Detection: A Framework for Reverse Engineered Android Applications Through Machine Learning AlgorithmsIEEE Access10.1109/ACCESS.2022.314905310(89031-89050)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3149053
Sharma TRattan D(2021)Malicious application detection in android — A systematic literature reviewComputer Science Review10.1016/j.cosrev.2021.10037340(100373)Online publication date: May-2021
https://doi.org/10.1016/j.cosrev.2021.100373
PEYNİRCİ GEMİNAĞAOĞLU M(2020)Android Platformunda Kötücül Yazılım Tespiti: Literatür İncelemesiMalware Detection on Android Platform: A Literature ReviewBilişim Teknolojileri Dergisi10.17671/gazibtd.52440813:1(65-76)Online publication date: 31-Jan-2020
https://doi.org/10.17671/gazibtd.524408
Thiyagarajan JAkash AMurugan B(2020)Improved real‐time permission based malware detection and clustering approach using model independent pruningIET Information Security10.1049/iet-ifs.2019.041814:5(531-541)Online publication date: Sep-2020
https://doi.org/10.1049/iet-ifs.2019.0418
Rajawat AUpadhyay PUpadhyay A(2020)Novel Deep Learning Model for Uncertainty Prediction in Mobile ComputingIntelligent Systems and Applications10.1007/978-3-030-55180-3_49(652-661)Online publication date: 25-Aug-2020
https://doi.org/10.1007/978-3-030-55180-3_49
Zhang JZhuang XChen Y(2019)Android Malware Detection Combined with Static and Dynamic AnalysisProceedings of the 2019 9th International Conference on Communication and Network Security10.1145/3371676.3371685(6-10)Online publication date: 15-Nov-2019
https://dl.acm.org/doi/10.1145/3371676.3371685
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Application of Machine Learning Algorithms for Android Malware Detection

Evaluating Machine Learning Models for Android Malware Detection: A Comparison Study

Dynamic Permissions based Android Malware Detection using Machine Learning Techniques