scholarly journals On machine learning effectiveness for malware detection in Android OS using static analysis data

2021 ◽  
Vol 59 ◽  
pp. 102794
Author(s):  
Vasileios Syrris ◽  
Dimitris Geneiatakis
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Malware Detection ◽  
Analysis Data ◽  
Learning Effectiveness ◽  
Android Os

scholarly journals Malware Detection in Android Apps Using Static Analysis

2022 ◽  
Vol 24 (3) ◽  
pp. 1-25
Author(s):  
Nishtha Paul ◽  
Arpita Jadhav Bhatt ◽  
Sakeena Rizvi ◽  
Shubhangi
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Detection Rate ◽  
Empirical Studies ◽  
Malware Detection ◽  
Personal Data ◽  
Data Set ◽  
Android Apps ◽  
Malicious Apps ◽  
Day By Day

Frequency of malware attacks because Android apps are increasing day by day. Current studies have revealed startling facts about data harvesting incidents, where user’s personal data is at stake. To preserve privacy of users, a permission induced risk interface MalApp to identify privacy violations rising from granting permissions during app installation is proposed. It comprises of multi-fold process that performs static analysis based on app’s category. First, concept of reverse engineering is applied to extract app permissions to construct a Boolean-valued permission matrix. Second, ranking of permissions is done to identify the risky permissions across category. Third, machine learning and ensembling techniques have been incorporated to test the efficacy of the proposed approach on a data set of 404 benign and 409 malicious apps. The empirical studies have identified that our proposed algorithm gives a best case malware detection rate of 98.33%. The highlight of interface is that any app can be classified as benign or malicious even before running it using static analysis.

scholarly journals PROUD-MAL: static analysis-based progressive framework for deep unsupervised malware classification of windows portable executable

2021 ◽  
Author(s):  
Syed Khurram Jah Rizvi ◽  
Warda Aslam ◽  
Muhammad Shahzad ◽  
Shahzad Saleem ◽  
Muhammad Moazam Fraz
Keyword(s):  
Neural Network ◽  
Machine Learning ◽  
Static Analysis ◽  
Deep Neural Network ◽  
Early Stage ◽  
Malware Detection ◽  
Machine Learning Algorithms ◽  
Organizational Network ◽  
Depth Analysis ◽  
Feature Attention

AbstractEnterprises are striving to remain protected against malware-based cyber-attacks on their infrastructure, facilities, networks and systems. Static analysis is an effective approach to detect the malware, i.e., malicious Portable Executable (PE). It performs an in-depth analysis of PE files without executing, which is highly useful to minimize the risk of malicious PE contaminating the system. Yet, instant detection using static analysis has become very difficult due to the exponential rise in volume and variety of malware. The compelling need of early stage detection of malware-based attacks significantly motivates research inclination towards automated malware detection. The recent machine learning aided malware detection approaches using static analysis are mostly supervised. Supervised malware detection using static analysis requires manual labelling and human feedback; therefore, it is less effective in rapidly evolutionary and dynamic threat space. To this end, we propose a progressive deep unsupervised framework with feature attention block for static analysis-based malware detection (PROUD-MAL). The framework is based on cascading blocks of unsupervised clustering and features attention-based deep neural network. The proposed deep neural network embedded with feature attention block is trained on the pseudo labels. To evaluate the proposed unsupervised framework, we collected a real-time malware dataset by deploying low and high interaction honeypots on an enterprise organizational network. Moreover, endpoint security solution is also deployed on an enterprise organizational network to collect malware samples. After post processing and cleaning, the novel dataset consists of 15,457 PE samples comprising 8775 malicious and 6681 benign ones. The proposed PROUD-MAL framework achieved an accuracy of more than 98.09% with better quantitative performance in standard evaluation parameters on collected dataset and outperformed other conventional machine learning algorithms. The implementation and dataset are available at https://bit.ly/35Sne3a.

scholarly journals FG-Droid: Grouping Based Feature Size Reduction for Android Malware Detection through Machine Learning

2021 ◽  
Author(s):  
Recep Sinan ARSLAN
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Processing Time ◽  
High Accuracy ◽  
User Privacy ◽  
Accuracy Rate ◽  
Feature Size ◽  
Android Malware ◽  
Android Malware Detection ◽  
Android Os

Abstract The number of applications prepared for use on mobile devices has increased rapidly with the widespread use of the Android OS. This has resulted in the undesired installation of Android apks that violate user privacy or malicious. The increasing similarity between Android malware and benign applications makes it difficult to distinguish them from each other and causes a situation of concern for users. In this study, FG-Droid, a machine-learning based classifier with an efficient working system, using the method of grouping the features obtained by static analysis, was proposed. It was created as a result of experiments with Machine learning (ML), DNN, RNN, LSTM and GRU based models using Drebin, Genome and Arslan datasets. Experimental results reveal that FG-Droid has achieved 97.7% AUC score with a vector includes only 11 static features, and ExtraTree algorithm. FG-Droid analyze the applications with using the least number of features compare to previous studies, and required the least processing time for training and prediction. As a result, it has been shown that Android malware can be detected in high accuracy rate with an effective feature set and there is no need to use a large number of features extracted with different techniques (static, dynamic or hybrid).

scholarly journals Deep-Droid: Deep Learning for Android Malware Detection

2020 ◽  
Vol 9 (12) ◽  
pp. 122-125
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Learning Approaches ◽  
Android Malware ◽  
Detection Systems ◽  
Learning Framework ◽  
The Past ◽  
Android Malware Detection ◽  
Android Os

Android OS, which is the most prevalent operating system (OS), has enjoyed immense popularity for smart phones over the past few years. Seizing this opportunity, cybercrime will occur in the form of piracy and malware. Traditional detection does not suffice to combat newly created advanced malware. So, there is a need for smart malware detection systems to reduce malicious activities risk. Machine learning approaches have been showing promising results in classifying malware where most of the method are shallow learners like Random Forest (RF) in recent years. In this paper, we propose Deep-Droid as a deep learning framework, for detection Android malware. Hence, our Deep-Droid model is a deep learner that outperforms exiting cutting-edge machine learning approaches. All experiments performed on two datasets (Drebin-215 & Malgenome-215) to assess our Deep-Droid model. The results of experiments show the effectiveness and robustness of Deep-Droid. Our Deep-Droid model achieved accuracy over 98.5%.

scholarly journals Android Malware Detection through Machine Learning Techniques: A Review

2020 ◽  
Vol 16 (02) ◽  
pp. 14
Author(s):  
Abikoye Oluwakemi Christiana ◽  
Benjamin Aruwa Gyunka ◽  
Akande Noah
Keyword(s):  
Machine Learning ◽  
Malware Detection ◽  
Social Engineering ◽  
Machine Learning Techniques ◽  
Android Malware ◽  
Detection Systems ◽  
Android Malware Detection ◽  
Android Os ◽  
Learning Techniques ◽  
The Individual

<p class="0abstract">The open source nature of Android Operating System has attracted wider adoption of the system by multiple types of developers. This phenomenon has further fostered an exponential proliferation of devices running the Android OS into different sectors of the economy. Although this development has brought about great technological advancements and ease of doing businesses (e-commerce) and social interactions, they have however become strong mediums for the uncontrolled rising cyberattacks and espionage against business infrastructures and the individual users of these mobile devices. Different cyberattacks techniques exist but attacks through malicious applications have taken the lead aside other attack methods like social engineering. Android malware have evolved in sophistications and intelligence that they have become highly resistant to existing detection systems especially those that are signature-based. Machine learning techniques have risen to become a more competent choice for combating the kind of sophistications and novelty deployed by emerging Android malwares. The models created via machine learning methods work by first learning the existing patterns of malware behaviour and then use this knowledge to separate or identify any such similar behaviour from unknown attacks. This paper provided a comprehensive review of machine learning techniques and their applications in Android malware detection as found in contemporary literature.</p>

Malware Detection in Android Apps Using Static Analysis

2022 ◽  
Vol 24 (3) ◽  
pp. 0-0
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Detection Rate ◽  
Empirical Studies ◽  
Malware Detection ◽  
Personal Data ◽  
Data Set ◽  
Android Apps ◽  
Malicious Apps ◽  
Day By Day

Frequency of malware attacks because Android apps are increasing day by day. Current studies have revealed startling facts about data harvesting incidents, where user’s personal data is at stake. To preserve privacy of users, a permission induced risk interface MalApp to identify privacy violations rising from granting permissions during app installation is proposed. It comprises of multi-fold process that performs static analysis based on app’s category. First, concept of reverse engineering is applied to extract app permissions to construct a Boolean-valued permission matrix. Second, ranking of permissions is done to identify the risky permissions across category. Third, machine learning and ensembling techniques have been incorporated to test the efficacy of the proposed approach on a data set of 404 benign and 409 malicious apps. The empirical studies have identified that our proposed algorithm gives a best case malware detection rate of 98.33%. The highlight of interface is that any app can be classified as benign or malicious even before running it using static analysis.

Android Malware Detection Techniques: A Literature Review

2020 ◽  
Vol 14 ◽  
Author(s):  
Meghna Dhalaria ◽  
Ekta Gandotra
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Future Research ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Future Research Directions ◽  
To Come ◽  
Tools And Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

Sign in / Sign up

Export Citation Format

Share Document