scholarly journals PACER: Platform for Android Malware Classification, Performance Evaluation and Threat Reporting

2020 ◽  
Vol 12 (4) ◽  
pp. 66 ◽  
Author(s):  
Ajit Kumar ◽  
Vinti Agarwal ◽  
Shishir Kumar Shandilya ◽  
Andrii Shalaginov ◽  
Saket Upadhyay ◽  
...  
Keyword(s):  
Machine Learning ◽  
Performance Evaluation ◽  
Research Output ◽  
Application Programming Interface ◽  
Classification Performance ◽  
End Users ◽  
Android Malware ◽  
Detection Techniques ◽  
Malware Classification ◽  
Threat Reporting

Android malware has become the topmost threat for the ubiquitous and useful Android ecosystem. Multiple solutions leveraging big data and machine-learning capabilities to detect Android malware are being constantly developed. Too often, these solutions are either limited to research output or remain isolated and incapable of reaching end users or malware researchers. An earlier work named PACE (Platform for Android Malware Classification and Performance Evaluation), was introduced as a unified solution to offer open and easy implementation access to several machine-learning-based Android malware detection techniques, that makes most of the research reproducible in this domain. The benefits of PACE are offered through three interfaces: Representational State Transfer (REST) Application Programming Interface (API), Web Interface, and Android Debug Bridge (ADB) interface. These multiple interfaces enable users with different expertise such as IT administrators, security practitioners, malware researchers, etc. to use their offered services. In this paper, we propose PACER (Platform for Android Malware Classification, Performance Evaluation, and Threat Reporting), which extends PACE by adding threat intelligence and reporting functionality for the end-user device through the ADB interface. A prototype of the proposed platform is introduced, and our vision is that it will help malware analysts and end users to tackle challenges and reduce the amount of manual work.

Android Malware Detection Techniques: A Literature Review

2020 ◽  
Vol 14 ◽  
Author(s):  
Meghna Dhalaria ◽  
Ekta Gandotra
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Future Research ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Future Research Directions ◽  
To Come ◽  
Tools And Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

scholarly journals cHybriDroid: A Machine Learning-Based Hybrid Technique for Securing the Edge Computing

2020 ◽  
Vol 2020 ◽  
pp. 1-14
Author(s):  
Afifa Maryam ◽  
Usman Ahmed ◽  
Muhammad Aleem ◽  
Jerry Chun-Wei Lin ◽  
Muhammad Arshad Islam ◽  
...  
Keyword(s):  
Machine Learning ◽  
Hybrid Approach ◽  
Malware Detection ◽  
Edge Computing ◽  
Cloud Services ◽  
Hybrid Technique ◽  
Dynamic Features ◽  
Hybrid Features ◽  
Android Malware ◽  
Detection Techniques

Smart phones are an integral component of the mobile edge computing (MEC) framework. Securing the data stored on mobile devices is very crucial for ensuring the smooth operations of cloud services. A growing number of malicious Android applications demand an in-depth investigation to dissect their malicious intent to design effective malware detection techniques. The contemporary state-of-the-art model suggests that hybrid features based on machine learning (ML) techniques could play a significant role in android malware detection. The selection of application’s features plays a very crucial role to capture the appropriate behavioural patterns of malware instances for a useful classification of mobile applications. In this study, we propose a novel hybrid approach to detect android malware, wherein static features in conjunction with dynamic features of smart phone applications are employed. We collect these hybrid features using permissions, intents, and run-time features (such as information leakage, cryptography’s exploitation, and network manipulations) to analyse the effectiveness of the employed techniques for malware detection. We conduct experiments using over 5,000 real-world applications. The outcomes of the study reveal that the proposed set of features has successfully detected malware threats with 97% F-measure results.

scholarly journals Two Anatomists Are Better than One—Dual-Level Android Malware Detection

Symmetry ◽  
2020 ◽  
Vol 12 (7) ◽  
pp. 1128 ◽  
Author(s):  
Vasileios Kouliaridis ◽  
Georgios Kambourakis ◽  
Dimitris Geneiatakis ◽  
Nektaria Potha
Keyword(s):  
Machine Learning ◽  
Static Analysis ◽  
Web Application ◽  
Classification Performance ◽  
Detection Accuracy ◽  
Android Malware ◽  
Static And Dynamic Analysis ◽  
Dynamic Instrumentation ◽  
Android Malware Detection ◽  
Hybrid Solutions

The openness of the Android operating system and its immense penetration into the market makes it a hot target for malware writers. This work introduces Androtomist, a novel tool capable of symmetrically applying static and dynamic analysis of applications on the Android platform. Unlike similar hybrid solutions, Androtomist capitalizes on a wealth of features stemming from static analysis along with rigorous dynamic instrumentation to dissect applications and decide if they are benign or not. The focus is on anomaly detection using machine learning, but the system is able to autonomously conduct signature-based detection as well. Furthermore, Androtomist is publicly available as open source software and can be straightforwardly installed as a web application. The application itself is dual mode, that is, fully automated for the novice user and configurable for the expert one. As a proof-of-concept, we meticulously assess the detection accuracy of Androtomist against three different popular malware datasets and a handful of machine learning classifiers. We particularly concentrate on the classification performance achieved when the results of static analysis are combined with dynamic instrumentation vis-à-vis static analysis only. Our study also introduces an ensemble approach by averaging the output of all base classification models per malware instance separately, and provides a deeper insight on the most influencing features regarding the classification process. Depending on the employed dataset, for hybrid analysis, we report notably promising to excellent results in terms of the accuracy, F1, and AUC metrics.

scholarly journals A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

Information ◽  
2021 ◽  
Vol 12 (5) ◽  
pp. 185
Author(s):  
Vasileios Kouliaridis ◽  
Georgios Kambourakis
Keyword(s):  
Machine Learning ◽  
Performance Metrics ◽  
Malware Detection ◽  
Machine Learning Techniques ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Mobile Malware ◽  
Comprehensive Survey ◽  
Mobile Malware Detection

Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.

scholarly journals Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm

Mathematics ◽  
2021 ◽  
Vol 9 (21) ◽  
pp. 2813
Author(s):  
Jaehyeong Lee ◽  
Hyuk Jang ◽  
Sungmin Ha ◽  
Yourim Yoon
Keyword(s):  
Machine Learning ◽  
Genetic Algorithm ◽  
Genetic Algorithms ◽  
Feature Selection ◽  
Malware Detection ◽  
Feature Selection Method ◽  
Machine Learning Algorithms ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection

Since the discovery that machine learning can be used to effectively detect Android malware, many studies on machine learning-based malware detection techniques have been conducted. Several methods based on feature selection, particularly genetic algorithms, have been proposed to increase the performance and reduce costs. However, because they have yet to be compared with other methods and their many features have not been sufficiently verified, such methods have certain limitations. This study investigates whether genetic algorithm-based feature selection helps Android malware detection. We applied nine machine learning algorithms with genetic algorithm-based feature selection for 1104 static features through 5000 benign applications and 2500 malwares included in the Andro-AutoPsy dataset. Comparative experimental results show that the genetic algorithm performed better than the information gain-based method, which is generally used as a feature selection method. Moreover, machine learning using the proposed genetic algorithm-based feature selection has an absolute advantage in terms of time compared to machine learning without feature selection. The results indicate that incorporating genetic algorithms into Android malware detection is a valuable approach. Furthermore, to improve malware detection performance, it is useful to apply genetic algorithm-based feature selection to machine learning.

scholarly journals A Comprehensive Study of Malware Detection in Android Operating Systems

2021 ◽  
pp. 30-46
Author(s):  
Suhaib Jasim Hamdi ◽  
Ibrahim Mahmood Ibrahim ◽  
Naaman Omar ◽  
Omar M. Ahmed ◽  
Zryan Najat Rashid ◽  
...  
Keyword(s):  
Machine Learning ◽  
Malware Detection ◽  
Detailed Comparison ◽  
Detection Methods ◽  
Current Status ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Apps ◽  
Android Malware Detection ◽  
Wide Range

Android is now the world's (or one of the world’s) most popular operating system. More and more malware assaults are taking place in Android applications. Many security detection techniques based on Android Apps are now available. The open environmental feature of the Android environment has given Android an extensive appeal in recent years. The growing number of mobile devices are incorporated in many aspects of our everyday lives. This  paper gives a detailed comparison that summarizes and analyses various detection techniques. This work examines the current status of Android malware detection methods, with an emphasis on Machine Learning-based classifiers for detecting malicious software on Android devices. Android has a huge number of apps that may be downloaded and used for free. Consequently, Android phones are more susceptible to malware. As a result, additional research has been done in order to develop effective malware detection methods. To begin, several of the currently available Android malware detection approaches are carefully examined and classified based on their detection methodologies. This study examines a wide range of machine-learning-based methods to detecting Android malware covering both types dynamic and static.

Sign in / Sign up

Export Citation Format

Share Document