Machine learning for mobile malware analysis

2021 ◽  
pp. 151-178
Author(s):  
Meenakshi ◽  
Puneet Garg ◽  
Pranav Shrivastava
Keyword(s):  
Machine Learning ◽  
Malware Analysis ◽  
Mobile Malware

scholarly journals Detection of Malicious Software by Analyzing Distinct Artifacts Using Machine Learning and Deep Learning Algorithms

Electronics ◽  
2021 ◽  
Vol 10 (14) ◽  
pp. 1694
Author(s):  
Mathew Ashik ◽  
A. Jyothish ◽  
S. Anandaram ◽  
P. Vinod ◽  
Francesco Mercaldo ◽  
...  
Keyword(s):  
Neural Network ◽  
Machine Learning ◽  
Deep Learning ◽  
Support Vector ◽  
Malware Analysis ◽  
Learning Approaches ◽  
Dynamic Features ◽  
System Calls ◽  
Prevention Methods ◽  
Structural Aspects

Malware is one of the most significant threats in today’s computing world since the number of websites distributing malware is increasing at a rapid rate. Malware analysis and prevention methods are increasingly becoming necessary for computer systems connected to the Internet. This software exploits the system’s vulnerabilities to steal valuable information without the user’s knowledge, and stealthily send it to remote servers controlled by attackers. Traditionally, anti-malware products use signatures for detecting known malware. However, the signature-based method does not scale in detecting obfuscated and packed malware. Considering that the cause of a problem is often best understood by studying the structural aspects of a program like the mnemonics, instruction opcode, API Call, etc. In this paper, we investigate the relevance of the features of unpacked malicious and benign executables like mnemonics, instruction opcodes, and API to identify a feature that classifies the executable. Prominent features are extracted using Minimum Redundancy and Maximum Relevance (mRMR) and Analysis of Variance (ANOVA). Experiments were conducted on four datasets using machine learning and deep learning approaches such as Support Vector Machine (SVM), Naïve Bayes, J48, Random Forest (RF), and XGBoost. In addition, we also evaluate the performance of the collection of deep neural networks like Deep Dense network, One-Dimensional Convolutional Neural Network (1D-CNN), and CNN-LSTM in classifying unknown samples, and we observed promising results using APIs and system calls. On combining APIs/system calls with static features, a marginal performance improvement was attained comparing models trained only on dynamic features. Moreover, to improve accuracy, we implemented our solution using distinct deep learning methods and demonstrated a fine-tuned deep neural network that resulted in an F1-score of 99.1% and 98.48% on Dataset-2 and Dataset-3, respectively.

scholarly journals Dynamic detection of mobile malware using smartphone data and machine learning

2021 ◽  
Author(s):  
Sebastian Panman de Wit ◽  
Doina Bucur ◽  
Jeroen van der Ham
Keyword(s):  
Machine Learning ◽  
Malware Detection ◽  
Real Life ◽  
Detection Methods ◽  
Nearest Neighbour ◽  
Dynamic Features ◽  
Machine Learning Classifiers ◽  
Cpu Usage ◽  
Mobile Malware ◽  
Mobile Malware Detection

Mobile malware are malicious programs that target mobile devices. They are an increasing problem, as seen in the rise of detected mobile malware samples per year. The number of active smartphone users is expected to grow, stressing the importance of research on the detection of mobile malware. Detection methods for mobile malware exist but are still limited. In this paper, we propose dynamic malware-detection methods that use device information such as the CPU usage, battery usage, and memory usage for the detection of 10 subtypes of Mobile Trojans on the Android Operating System (OS). We use a real-life sensor dataset containing device and malware data from 47 users for a year (2016) to create multiple mobile malware detection methods. We examine which features, i.e. aspects, of a device, are most important to monitor to detect (subtypes of) Mobile Trojans. The focus of this paper is on dynamic hardware features. Using these dynamic features we apply the following machine learning classifiers: Random Forest, K-Nearest Neighbour, and AdaBoost.

scholarly journals Survey on Mobile Malware Analysis and Detection

2018 ◽  
Vol 7 (2.32) ◽  
pp. 279 ◽  
Author(s):  
K Swetha ◽  
K V.D.Kiran
Keyword(s):  
Mobile Phones ◽  
Malware Detection ◽  
Detection Methods ◽  
Classification Algorithms ◽  
Malware Analysis ◽  
Consistent System ◽  
Malware Classification ◽  
Mobile Malware

The amazing advances of mobile phones enable their wide utilize. Since mobiles are joined with pariah applications, bundles of security and insurance issues are incited. But, current mobile malware analysis and detection advances are as yet flawed, incapable, and incomprehensive. On account of particular qualities of mobiles such as constrained assets, user action and neighborhood correspondence ability, consistent system network, versatile malware detection faces new difficulties, particularly on remarkable runtime malware area. This paper provides overview on  malware classification, methodologies of assessment, analysis and on and off device detection methods on android. The work mainly focuses on different classification algorithms which are used as a part of dynamic malware detection on android.  

Leveraging ontologies and machine-learning techniques for malware analysis into Android permissions ecosystems

2018 ◽  
Vol 78 ◽  
pp. 429-453 ◽  
Author(s):  
Luiz C. Navarro ◽  
Alexandre K.W. Navarro ◽  
André Grégio ◽  
Anderson Rocha ◽  
Ricardo Dahab
Keyword(s):  
Machine Learning ◽  
Machine Learning Techniques ◽  
Malware Analysis ◽  
Learning Techniques
Sign in / Sign up

Export Citation Format

Share Document