Dynamic detection of mobile malware using smartphone data and machine learning

Author(s): Sebastian Panman de Wit, Doina Bucur, Jeroen van der Ham

Mobile malware are malicious programs that target mobile devices. They are an increasing problem, as seen in the rise of detected mobile malware samples per year. The number of active smartphone users is expected to grow, stressing the importance of research on the detection of mobile malware. Detection methods for mobile malware exist but are still limited. In this paper, we propose dynamic malware-detection methods that use device information such as the CPU usage, battery usage, and memory usage for the detection of 10 subtypes of Mobile Trojans on the Android Operating System (OS). We use a real-life sensor dataset containing device and malware data from 47 users for a year (2016) to create multiple mobile malware detection methods. We examine which features, i.e. aspects, of a device, are most important to monitor to detect (subtypes of) Mobile Trojans. The focus of this paper is on dynamic hardware features. Using these dynamic features we apply the following machine learning classifiers: Random Forest, K-Nearest Neighbour, and AdaBoost.

2014, Vol 20 (1), pp. 343-357
Author(s): Fairuz Amalina Narudin, Ali Feizollah, Nor Badrul Anuar, Abdullah Gani

Information, 2021, Vol 12 (5), pp. 185
Author(s): Vasileios Kouliaridis, Georgios Kambourakis

Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.


2020, Vol 105, pp. 102169
Author(s): Fabio Martinelli, Francesco Mercaldo, Vittoria Nardone, Antonella Santone, Gigliola Vaglini

2018, Vol 433-434, pp. 346-364
Author(s): Zhenxiang Chen, Qiben Yan, Hongbo Han, Shanshan Wang, Lizhi Peng, ...
