A Comparative Study of Machine Learning Techniques for Android Malware Detection

Published: 22 September 2022

Abstract

The rapid growth and wide availability of Android applications in recent years have resulted in a spike in the number of sophisticated harmful applications targeting Android users. Because of the popularity of Android OS and the number of open-source features it supports, cyber attackers prefer to target Android-based devices over other smartphones. Malicious programs endanger user privacy and device integrity. To address this issue, the authors of this study investigated machine learning algorithms for detecting Android malware. They employed a static analysis approach, collecting permissions from each application's APK and then generating feature vectors based on the extracted permissions. Finally, they trained several machine learning algorithms to create classification models that can distinguish between benign and malicious applications. According to the experimental findings, the random forest and multi-layer perceptron approaches have the best classification performance, with accuracy levels of 95.4% and 95.1%, respectively.

Published In

International Journal of Software Innovation, Volume 10, Issue 1
Sep 2022
2247 pages
ISSN: 2166-7160
EISSN: 2166-7179

Publisher

IGI Global

United States

Author Tags

  1. Android Malware Detection
  2. Android Permissions
  3. Binary Classification
  4. Machine Learning

Qualifiers

  • Article
