A Multiclass Detection System for Android Malicious Apps Based on Color Image Features

2020, Vol 2020, pp. 1-21
Author(s): Hua Zhang, Jiawei Qin, Boan Zhang, Hanbing Yan, Jing Guo, ...

The visual recognition of Android malicious applications (Apps) is mainly focused on the binary classification using grayscale images, while the multiclassification of malicious App families is rarely studied. If we can visualize the Android malicious Apps as color images, we will get more features than using grayscale images. In this paper, a method of color visualization for Android Apps is proposed and implemented. Based on this, combined with deep learning models, a multiclassifier for the Android malicious App families is implemented, which can classify 10 common malicious App families. In order to better understand the behavioral characteristics of malicious Apps, we conduct a comprehensive manual analysis for a large number of malicious Apps and summarize 1695 malicious behavior characteristics as customized features. Compared with the App classifier based on the grayscale visualization method, it is verified that the classifier using the color visualization method can achieve better classification results. We use four types of Android App features: classes.dex file, sets of class names, APIs, and customized features as input for App visualization. According to the experimental results, we find out that using the customized features as the color visualization input features can achieve the highest detection accuracy rate, which is 96% in the ten malicious families.

2021, Vol 14 (1), pp. 192-202
Author(s): Karrar Alwan, Ahmed AbuEl-Atta, Hala Zayed, ...

Accurate intrusion detection is necessary to preserve network security. However, developing an efficient intrusion detection system is a complex problem due to the nonlinear nature of the intrusion attempts, the unpredictable behaviour of network traffic, and the large number of features in the problem space. Hence, selecting the most effective and discriminating features is highly important. Additionally, eliminating irrelevant features can improve the detection accuracy as well as reduce the learning time of machine learning algorithms. However, feature reduction is an NP-hard problem. Therefore, several metaheuristics have been employed to determine the most effective feature subset within reasonable time. In this paper, two intrusion detection models are built based on a modified version of the firefly algorithm to achieve the feature selection task. The first and second models have been used for binary and multiclass classification, respectively. The modified firefly algorithm employs a mutation operation to avoid becoming trapped in local optima by enhancing the exploration capabilities of the original firefly algorithm. The significance of the selected features is evaluated using a Naïve Bayes classifier over a standard benchmark dataset, which contains different types of attacks. The obtained results revealed the superiority of the modified firefly algorithm over the original firefly algorithm in terms of the classification accuracy and the number of selected features under different scenarios. Additionally, the results confirmed the superiority of the proposed intrusion detection system over other recently proposed systems in both binary classification and multi-classification scenarios. The proposed system has 96.51% and 96.942% detection accuracy in binary classification and multi-classification, respectively. Moreover, the proposed system reduced the number of attributes from 41 to 9 for binary classification and to 10 for multi-classification.


Scientists have been trying to implement traditional methods around the world, particularly in developing countries, to reduce the death rate of skin cancer in humans. The scientific term is melanoma. But this effort is always difficult because of the costly system, the low availability of experts and conventional telemedicine. There are three types of skin cancer: basal cell cancer (BCC), squamous cell cancer, and melanoma. More than 90% of humans are affected by ultraviolet (UV) radiation from exposure to the sun. In this research, a skin cancer detection system (BCC) is designed in MATLAB. The images go through different processes such as pre-processing, feature extraction and classification. In pre-processing, K-mean clustering is applied to determine the foreground and background of an image. Since some part of the background appears in the image after K-mean, Particle Swarm Optimization (PSO) is applied to resolve this problem. The segmented image features are extracted using Speed Up Robust Features (SURF); this helps to enhance the quality of the image. The Artificial Neural Network (ANN) is trained on the basis of these extracted features. To determine the efficiency of the system, the images are tested and performance parameters are measured. The detection accuracy determined by this model is about 98.7 5.


Author(s): Kartik Khariwal*, Rishabh Gupta, Jatin Singh, Anshul Arora

With the increasing fame of Android OS over the past few years, the quantity of malware assaults on Android has additionally expanded. In the year 2018, around 28 million malicious applications were found on the Android platform and these malicious apps were capable of causing huge financial losses and information leakage. Such threats, caused due to these malicious apps, call for a proper detection system for Android malware. There exist some research works that aim to study static manifest components for malware detection. However, to the best of our knowledge, none of the previous research works have aimed to find the best set amongst different manifest file components for malware detection. In this work, we focus on identifying the best feature set from manifest file components (Permissions, Intents, Hardware Components, Activities, Services, Broadcast Receivers, and Content Providers) that could give better detection accuracy. We apply Information Gain to rank the manifest file components intending to find the best set of components that can better classify between malware applications and benign applications. We put forward a novel algorithm to find the best feature set by using various machine learning classifiers like SVM, XGBoost, and Random Forest along with deep learning techniques like classification using Neural networks. The experimental results highlight that the best set obtained from the proposed algorithm consisted of 25 features, i.e., 5 Permissions, 2 Intents, 9 Activities, 3 Content Providers, 4 Hardware Components, 1 Service, and 1 Broadcast Receiver. The SVM classifier gave the highest classification accuracy of 96.93% and an F1-Score of 0.97 with this best set of 25 features.


Entropy, 2020, Vol 22 (7), pp. 792
Author(s): Hongli Yuan, Yongchuan Tang

Millions of Android applications (apps) are widely used today. Meanwhile, the number of malicious apps has increased exponentially. Currently, there are many security detection technologies for Android apps, such as static detection and dynamic detection. However, the uncertainty of the features in detection is not considered sufficiently in these technologies. Permissions play an important role in the security detection of Android apps. In this paper, a malicious application detection model based on features uncertainty (MADFU) is proposed. MADFU uses a logistic regression function to describe the relationship between input (permissions) and output (labels). Moreover, it uses the Markov chain Monte Carlo (MCMC) algorithm to solve the features' uncertainty. After experimenting with 2037 samples, for malware detection, MADFU achieves an accuracy of up to 95.5%, and the false positive rate (FPR) is 1.2%. MADFU's Android app detection accuracy is higher than the accuracy of directly using 24 dangerous permissions. The results also indicate that the method's detection accuracy for an unknown/new sample is 92.7%. Compared to other state-of-the-art approaches, the proposed method is more effective and efficient at detecting malware.


Sensors, 2020, Vol 20 (13), pp. 3635
Author(s): Guoming Zhang, Xiaoyu Ji, Yanjie Li, Wenyuan Xu

As a critical component in the smart grid, the Distribution Terminal Unit (DTU) dynamically adjusts the running status of the entire smart grid based on the collected electrical parameters to ensure the safe and stable operation of the smart grid. However, as a real-time embedded device, the DTU has not only resource constraints but also specific requirements on real-time performance; thus, traditional anomaly detection methods cannot be deployed. To detect tampering with the program running on the DTU, we propose a power-based non-intrusive condition monitoring method that collects and analyzes the power consumption of the DTU using power sensors and machine learning (ML) techniques. This approach is feasible because the power consumption is closely related to the code executing in the CPUs; that is, when the executing code is tampered with, the power consumption changes accordingly. To validate this idea, we set up a testbed based on a DTU and simulated four types of imperceptible attacks that change the code running in ARM and DSP processors, respectively. We generate representative features and select lightweight ML algorithms to detect these attacks. We finally implemented the detection system on the Windows and Ubuntu platforms and validated its effectiveness. The results show that the detection accuracy is up to 99.98% in a non-intrusive and lightweight way.


Information, 2021, Vol 12 (3), pp. 118
Author(s): Vassilios Moussas, Antonios Andreatos

Malware creators generate new malicious software samples by making minor changes in previously generated code, in order to reuse malicious code, as well as to go unnoticed by signature-based antivirus software. As a result, various families of variations of the same initial code exist today. Visualization of compiled executables for malware analysis was proposed several years ago. Visualization can greatly assist malware classification and requires neither disassembly nor code execution. Moreover, new variations of known malware families are instantly detected, in contrast to traditional signature-based antivirus software. This paper addresses the problem of identifying variations of existing malware visualized as images. A new malware detection system based on a two-level Artificial Neural Network (ANN) is proposed. The classification is based on file and image features. The proposed system is tested on the 'Malimg' dataset consisting of the visual representation of well-known malware families. From this set some important image features are extracted. Based on these features, the ANN is trained. Then, this ANN is used to detect and classify other samples of the dataset. Malware families that cause confusion are classified by a second level of ANNs. The proposed two-level ANN method excels in simplicity, accuracy, and speed; it is easy to implement and fast to run, thus it can be applied to antivirus software, smart firewalls, web applications, etc.


2021, Vol 11 (11), pp. 4894
Author(s): Anna Scius-Bertrand, Michael Jungo, Beat Wolf, Andreas Fischer, Marc Bui

The current state of the art for automatic transcription of historical manuscripts is typically limited by the requirement of human-annotated learning samples, which are necessary to train specific machine learning models for specific languages and scripts. Transcription alignment is a simpler task that aims to find a correspondence between text in the scanned image and its existing Unicode counterpart, a correspondence which can then be used as training data. The alignment task can be approached with heuristic methods dedicated to certain types of manuscripts, or with weakly trained systems reducing the required amount of annotations. In this article, we propose a novel learning-based alignment method based on fully convolutional object detection that does not require any human annotation at all. Instead, the object detection system is initially trained on synthetic printed pages using a font and then adapted to the real manuscripts by means of self-training. On a dataset of historical Vietnamese handwriting, we demonstrate the feasibility of annotation-free alignment as well as the positive impact of self-training on the character detection accuracy, reaching a detection accuracy of 96.4% with a YOLOv5m model without using any human annotation.


2021, Vol 104 (2), pp. 003685042110113
Author(s): Xianghua Ma, Zhenkun Yang

Real-time object detection on mobile platforms is a crucial but challenging computer vision task. However, it is widely recognized that although lightweight object detectors have a high detection speed, their detection accuracy is relatively low. In order to improve detection accuracy, it is beneficial to extract complete multi-scale image features in visual cognitive tasks. Asymmetric convolutions have a useful quality, that is, they have different aspect ratios, which can be used to extract image features of objects, especially objects with multi-scale characteristics. In this paper, we exploit three different asymmetric convolutions in parallel and propose a new multi-scale asymmetric convolution unit, namely the MAC block, to enhance the multi-scale representation ability of CNNs. In addition, the MAC block can adaptively merge features of different scales by allocating learnable weighted parameters to the three different asymmetric convolution branches. The proposed MAC blocks can be inserted into a state-of-the-art backbone such as ResNet-50 to form a new multi-scale backbone network for object detectors. To evaluate the performance of the MAC block, we conduct experiments on the CIFAR-100, PASCAL VOC 2007, PASCAL VOC 2012 and MS COCO 2014 datasets. Experimental results show that the detection precision can be greatly improved while a fast detection speed is guaranteed as well.


Sensors, 2021, Vol 21 (5), pp. 1820
Author(s): Xiaotao Shao, Qing Wang, Wei Yang, Yun Chen, Yi Xie, ...

Existing pedestrian detection algorithms cannot effectively extract features of heavily occluded targets, which results in lower detection accuracy. To solve the heavy occlusion in crowds, we propose a multi-scale feature pyramid network based on ResNet (MFPN) to enhance the features of occluded targets and improve the detection accuracy. MFPN includes two modules, namely double feature pyramid network (FPN) integrated with ResNet (DFR) and repulsion loss of minimum (RLM). We propose the double FPN, which improves the architecture to further enhance the semantic information and contours of occluded pedestrians and provides a new way for feature extraction of occluded targets. The features extracted by our network can be more separated and clearer, especially those of heavily occluded pedestrians. Repulsion loss is introduced to improve the loss function, which can keep predicted boxes away from the ground truths of the unrelated targets. In experiments carried out on the public CrowdHuman dataset, we obtain 90.96% AP, which yields the best performance, a 5.16% AP gain compared to the FPN-ResNet50 baseline. Compared with the state-of-the-art works, the performance of the pedestrian detection system has been boosted with our method.

