Comparative Analysis of Android Malware Detection Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

Download Full-text

Analysis of Android Malware Detection Techniques in Deep Learning

SKIT Research Journal ◽

10.47904/ijskit.10.2.2020.21-26 ◽

2020 ◽

Vol 10 (2) ◽

pp. 21

Author(s):

Neetu Agarwal ◽

Vipin Jain ◽

Raju K Ranjan

Keyword(s):

Deep Learning ◽

Malware Detection ◽

Android Malware ◽

Detection Techniques ◽

Android Malware Detection

Download Full-text

A Hybrid Model for Android Malware Detection

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k2250.1081219 ◽

2019 ◽

Vol 8 (12) ◽

pp. 2656-2662

Keyword(s):

Malware Detection ◽

Machine Learning Algorithms ◽

Detection Accuracy ◽

Dynamic Parameters ◽

Android Malware ◽

Detection Techniques ◽

Advantages And Disadvantages ◽

Android Malware Detection ◽

Tree Classifier ◽

Hybrid Detection

Android malware have risen exponentially over the past few years, posing several serious threats such as system damage, financial loss, and mobile botnets. Various detection techniques have been proposed in the literature for Android malware detection. Some of the techniques analyze static parameters such as permissions, or intents, whereas, others focus on dynamic parameters such as network traffic or system calls. Static techniques are relatively easier to implement, however, stealthy recent malware evade static detection by virtue of update attacks. Dynamic detection can be used to detect such stealthy malware, however, it increases the computation overhead. Hence, both kinds of techniques have their own advantages and disadvantages. In this paper, we have proposed an innovative hybrid detection model that uses both static and dynamic features for malware analysis and detection. We first rank the static and dynamic parameters according to the information gain and then apply machine learning algorithms in the testing phase. The results indicate that hybrid approach is better than both static and dynamic approaches and the proposed model achieves 98.9% detection accuracy with Decision Tree classifier

Download Full-text

A study of android malware detection techniques in virtual environment

Cluster Computing ◽

10.1007/s10586-016-0630-5 ◽

2016 ◽

Vol 19 (4) ◽

pp. 2295-2304

Author(s):

Hyun Mi Jung ◽

Ki-Bong Kim ◽

Han-Jin Cho

Keyword(s):

Virtual Environment ◽

Malware Detection ◽

Android Malware ◽

Detection Techniques ◽

Android Malware Detection

Download Full-text

A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

Information ◽

10.3390/info12050185 ◽

2021 ◽

Vol 12 (5) ◽

pp. 185

Author(s):

Vasileios Kouliaridis ◽

Georgios Kambourakis

Keyword(s):

Machine Learning ◽

Performance Metrics ◽

Malware Detection ◽

Machine Learning Techniques ◽

Android Malware ◽

Detection Techniques ◽

Android Malware Detection ◽

Mobile Malware ◽

Comprehensive Survey ◽

Mobile Malware Detection

Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.

Download Full-text

Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm

Mathematics ◽

10.3390/math9212813 ◽

2021 ◽

Vol 9 (21) ◽

pp. 2813

Author(s):

Jaehyeong Lee ◽

Hyuk Jang ◽

Sungmin Ha ◽

Yourim Yoon

Keyword(s):

Machine Learning ◽

Genetic Algorithm ◽

Genetic Algorithms ◽

Feature Selection ◽

Malware Detection ◽

Feature Selection Method ◽

Machine Learning Algorithms ◽

Android Malware ◽

Detection Techniques ◽

Android Malware Detection

Since the discovery that machine learning can be used to effectively detect Android malware, many studies on machine learning-based malware detection techniques have been conducted. Several methods based on feature selection, particularly genetic algorithms, have been proposed to increase the performance and reduce costs. However, because they have yet to be compared with other methods and their many features have not been sufficiently verified, such methods have certain limitations. This study investigates whether genetic algorithm-based feature selection helps Android malware detection. We applied nine machine learning algorithms with genetic algorithm-based feature selection for 1104 static features through 5000 benign applications and 2500 malwares included in the Andro-AutoPsy dataset. Comparative experimental results show that the genetic algorithm performed better than the information gain-based method, which is generally used as a feature selection method. Moreover, machine learning using the proposed genetic algorithm-based feature selection has an absolute advantage in terms of time compared to machine learning without feature selection. The results indicate that incorporating genetic algorithms into Android malware detection is a valuable approach. Furthermore, to improve malware detection performance, it is useful to apply genetic algorithm-based feature selection to machine learning.

Download Full-text

A Comprehensive Study of Malware Detection in Android Operating Systems

Asian Journal of Research in Computer Science ◽

10.9734/ajrcos/2021/v10i430248 ◽

2021 ◽

pp. 30-46

Author(s):

Suhaib Jasim Hamdi ◽

Ibrahim Mahmood Ibrahim ◽

Naaman Omar ◽

Omar M. Ahmed ◽

Zryan Najat Rashid ◽

...

Keyword(s):

Machine Learning ◽

Malware Detection ◽

Detailed Comparison ◽

Detection Methods ◽

Current Status ◽

Android Malware ◽

Detection Techniques ◽

Android Apps ◽

Android Malware Detection ◽

Wide Range

Android is now the world's (or one of the world’s) most popular operating system. More and more malware assaults are taking place in Android applications. Many security detection techniques based on Android Apps are now available. The open environmental feature of the Android environment has given Android an extensive appeal in recent years. The growing number of mobile devices are incorporated in many aspects of our everyday lives. This paper gives a detailed comparison that summarizes and analyses various detection techniques. This work examines the current status of Android malware detection methods, with an emphasis on Machine Learning-based classifiers for detecting malicious software on Android devices. Android has a huge number of apps that may be downloaded and used for free. Consequently, Android phones are more susceptible to malware. As a result, additional research has been done in order to develop effective malware detection methods. To begin, several of the currently available Android malware detection approaches are carefully examined and classified based on their detection methodologies. This study examines a wide range of machine-learning-based methods to detecting Android malware covering both types dynamic and static.

Download Full-text