Significant Permission Identification for Machine Learning Based Android Malware Detection

Abstract: The alarming growth rate of malicious apps has become a serious issue that sets back the prosperous mobile ecosystem. A recent report indicates that a new malicious app for Android is introduced every ten seconds. To combat this serious malware campaign, we need a scalable malware detection approach that can effectively and efficiently identify malware apps. Various malware detection tools have been developed, including system-level and network-level approaches. However, scaling the detection for a large bundle of apps remains a challenging task. In this paper, we introduce SIGPID, a malware detection system based on permission usage analysis to cope with the rapid increase in the number of Android malware. Instead of extracting and analyzing all Android permissions, we develop 3 levels of pruning by mining the permission data to identify the most significant permissions that can be effective in distinguishing between benign and malicious apps. SIGPID then utilizes machine-learning based classification methods to classify different families of malware and benign apps. Our evaluation finds that only 22 permissions are significant. We then compare the performance of our approach, using only 22 permissions, against a baseline approach that analyzes all permissions. The results indicate that when Support Vector Machine (SVM) is used as the classifier, we can achieve over 90% of precision, recall, accuracy, and F-measure, which are about the same as those produced by the baseline approach while incurring analysis times that are 4 to 32 times less than those of using all permissions. Compared against other state-of-the-art approaches, SIGPID is more effective by detecting 93.62% of malware in the data set, and 91.4% unknown/new malware samples.
Keywords: SIGPID (Significant Permission Identification), SVM (Support Vector Machine), Android, Malware, Benign, Data pruning

2014, Vol 2014, pp. 1-10
Author(s): Hyo-Sik Ham, Hwan-Hee Kim, Myung-Sup Kim, Mi-Jung Choi

Currently, many Internet of Things (IoT) services are monitored and controlled through smartphone applications. By combining IoT with smartphones, many convenient IoT services have been provided to users. However, there are adverse underlying effects in such services including invasion of privacy and information leakage. In most cases, mobile devices have become cluttered with important personal user information as various services and contents are provided through them. Accordingly, attackers are expanding the scope of their attacks beyond the existing PC and Internet environment into mobile devices. In this paper, we apply a linear support vector machine (SVM) to detect Android malware and compare the malware detection performance of SVM with that of other machine learning classifiers. Through experimental validation, we show that the SVM outperforms other machine learning classifiers.


Author(s): Oktay Yildiz, Ibrahim Alper Doğru

As the use of smartphones increases, Android, as a Linux-based open source mobile operating system (OS), has become the most popular mobile OS over time. Due to the widespread use of Android, malware developers mostly target Android devices and users. Malware detection systems to be developed for Android devices are important for this reason. Machine learning methods are being increasingly used for detection and analysis of Android malware. This study presents a method for detecting Android malware using feature selection with a genetic algorithm (GA). Three different classifier methods with different feature subsets that were selected using GA were implemented for detecting and analyzing Android malware comparatively. A combination of Support Vector Machines and a GA yielded the best accuracy result of 98.45% with the 16 selected permissions using the dataset of 1740 samples consisting of 1119 malware and 621 benign samples.


2021, Vol 11 (2), pp. 1514-1525
Author(s): Sai Tejeshwar Reddy T

Aim: The aim of the work is to perform Android malware detection using structured and unstructured data by comparing Neural Network algorithms and SVM. Materials and Methods: Consider two groups, Support Vector Machine and Neural Network. For each algorithm, take N=10 samples from the dataset collected and perform two iterations on each algorithm to identify the malware detection. Result: The Neural Network model has an accuracy of up to 82.91% and the Support Vector Machine algorithm has an accuracy of 79.67% for Android malware detection, with a significance value of p=0.007. Conclusion: Classification of Android malware using the Neural Network algorithm shows better accuracy than SVM.


Author(s): Kartik Khariwal, Rishabh Gupta, Jatin Singh, Anshul Arora

With the increasing fame of Android OS over the past few years, the quantity of malware assaults on Android has additionally expanded. In the year 2018, around 28 million malicious applications were found on the Android platform and these malicious apps were capable of causing huge financial losses and information leakage. Such threats, caused due to these malicious apps, call for a proper detection system for Android malware. There exist some research works that aim to study static manifest components for malware detection. However, to the best of our knowledge, none of the previous research works have aimed to find the best set amongst different manifest file components for malware detection. In this work, we focus on identifying the best feature set from manifest file components (Permissions, Intents, Hardware Components, Activities, Services, Broadcast Receivers, and Content Providers) that could give better detection accuracy. We apply Information Gain to rank the manifest file components intending to find the best set of components that can better classify between malware applications and benign applications. We put forward a novel algorithm to find the best feature set by using various machine learning classifiers like SVM, XGBoost, and Random Forest along with deep learning techniques like classification using Neural networks. The experimental results highlight that the best set obtained from the proposed algorithm consisted of 25 features, i.e., 5 Permissions, 2 Intents, 9 Activities, 3 Content Providers, 4 Hardware Components, 1 Service, and 1 Broadcast Receiver. The SVM classifier gave the highest classification accuracy of 96.93% and an F1-Score of 0.97 with this best set of 25 features.


2018, Vol 8 (10), pp. 1718
Author(s): Hongyi Chen, Jinshu Su, Linbo Qiao, Qin Xin

Android has become the most popular mobile platform, and a hot target for malware developers. At the same time, researchers have come up with numerous ways to deal with malware. Among them, machine learning based methods are quite effective in Android malware detection, the accuracy of which can be as high as 98%. Thus, malware developers have the incentives to develop more advanced malware to evade detection. This paper presents an adversary attack scenario (Collusion Attack) that will compromise current machine learning based malware detection methods, especially Support Vector Machines (SVM). The malware developers can perform this attack easily by splitting malicious payload into two or more apps. Meanwhile, attackers may hide their malicious behavior by using advanced techniques (Evasion Attack), such as obfuscation, etc. According to our simulation, 87.4% of apps can evade Linear SVM by Collusion Attack. When performing Collusion and Evasion Attack simultaneously, the evasion rate can reach 100% at a low cost. Thus, we proposed a method to deal with this issue. This approach, realized in a tool, called ColluDroid, can identify the collusion apps by analyzing the communication between apps. In addition, it can integrate secure learning methods (e.g., Sec-SVM) to fight against Evasion Attack. The evaluation results show that ColluDroid is effective in finding out the collusion apps and ColluDroid-Sec-SVM has the best performance in the presence of both Collusion and Evasion Attack.

