scholarly journals A Hybrid Model for Android Malware Detection

2019 ◽  
Vol 8 (12) ◽  
pp. 2656-2662
Keyword(s):  
Malware Detection ◽  
Machine Learning Algorithms ◽  
Detection Accuracy ◽  
Dynamic Parameters ◽  
Android Malware ◽  
Detection Techniques ◽  
Advantages And Disadvantages ◽  
Android Malware Detection ◽  
Tree Classifier ◽  
Hybrid Detection

Android malware have risen exponentially over the past few years, posing several serious threats such as system damage, financial loss, and mobile botnets. Various detection techniques have been proposed in the literature for Android malware detection. Some of the techniques analyze static parameters such as permissions, or intents, whereas, others focus on dynamic parameters such as network traffic or system calls. Static techniques are relatively easier to implement, however, stealthy recent malware evade static detection by virtue of update attacks. Dynamic detection can be used to detect such stealthy malware, however, it increases the computation overhead. Hence, both kinds of techniques have their own advantages and disadvantages. In this paper, we have proposed an innovative hybrid detection model that uses both static and dynamic features for malware analysis and detection. We first rank the static and dynamic parameters according to the information gain and then apply machine learning algorithms in the testing phase. The results indicate that hybrid approach is better than both static and dynamic approaches and the proposed model achieves 98.9% detection accuracy with Decision Tree classifier

scholarly journals Permission Sensitivity-Based Malicious Application Detection for Android

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Yubo Song ◽  
Yijin Geng ◽  
Junbo Wang ◽  
Shang Gao ◽  
Wei Shi
Keyword(s):  
Detection Method ◽  
Malware Detection ◽  
Feature Selection Method ◽  
Machine Learning Algorithms ◽  
Detection Methods ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection ◽  
Private Data ◽  
Weight Allocation

Since a growing number of malicious applications attempt to steal users’ private data by illegally invoking permissions, application stores have carried out many malware detection methods based on application permissions. However, most of them ignore specific permission combinations and application categories that affect the detection accuracy. The features they extracted are neither representative enough to distinguish benign and malicious applications. For these problems, an Android malware detection method based on permission sensitivity is proposed. First, for each kind of application categories, the permission features and permission combination features are extracted. The sensitive permission feature set corresponding to each category label is then obtained by the feature selection method based on permission sensitivity. In the following step, the permission call situation of the application to be detected is compared with the sensitive permission feature set, and the weight allocation method is used to quantify this information into numerical features. In the proposed method of malicious application detection, three machine-learning algorithms are selected to construct the classifier model and optimize the parameters. Compared with traditional methods, the proposed method consumed 60.94% less time while still achieving high accuracy of up to 92.17%.

scholarly journals Android Malware Detection Based on a Hybrid Deep Learning Model

2020 ◽  
Vol 2020 ◽  
pp. 1-11
Author(s):  
Tianliang Lu ◽  
Yanhui Du ◽  
Li Ouyang ◽  
Qiuyu Chen ◽  
Xirui Wang
Keyword(s):  
Deep Learning ◽  
Learning Algorithms ◽  
Malware Detection ◽  
Learning Model ◽  
Machine Learning Algorithms ◽  
Detection Accuracy ◽  
Dynamic Feature ◽  
Android Malware ◽  
Android Malware Detection ◽  
Deep Learning Model

In recent years, the number of malware on the Android platform has been increasing, and with the widespread use of code obfuscation technology, the accuracy of antivirus software and traditional detection algorithms is low. Current state-of-the-art research shows that researchers started applying deep learning methods for malware detection. We proposed an Android malware detection algorithm based on a hybrid deep learning model which combines deep belief network (DBN) and gate recurrent unit (GRU). First of all, analyze the Android malware; in addition to extracting static features, dynamic behavioral features with strong antiobfuscation ability are also extracted. Then, build a hybrid deep learning model for Android malware detection. Because the static features are relatively independent, the DBN is used to process the static features. Because the dynamic features have temporal correlation, the GRU is used to process the dynamic feature sequence. Finally, the training results of DBN and GRU are input into the BP neural network, and the final classification results are output. Experimental results show that, compared with the traditional machine learning algorithms, the Android malware detection model based on hybrid deep learning algorithms has a higher detection accuracy, and it also has a better detection effect on obfuscated malware.

scholarly journals Android Malware Detection Using Machine Learning with Feature Selection Based on the Genetic Algorithm

Mathematics ◽  
2021 ◽  
Vol 9 (21) ◽  
pp. 2813
Author(s):  
Jaehyeong Lee ◽  
Hyuk Jang ◽  
Sungmin Ha ◽  
Yourim Yoon
Keyword(s):  
Machine Learning ◽  
Genetic Algorithm ◽  
Genetic Algorithms ◽  
Feature Selection ◽  
Malware Detection ◽  
Feature Selection Method ◽  
Machine Learning Algorithms ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection

Since the discovery that machine learning can be used to effectively detect Android malware, many studies on machine learning-based malware detection techniques have been conducted. Several methods based on feature selection, particularly genetic algorithms, have been proposed to increase the performance and reduce costs. However, because they have yet to be compared with other methods and their many features have not been sufficiently verified, such methods have certain limitations. This study investigates whether genetic algorithm-based feature selection helps Android malware detection. We applied nine machine learning algorithms with genetic algorithm-based feature selection for 1104 static features through 5000 benign applications and 2500 malwares included in the Andro-AutoPsy dataset. Comparative experimental results show that the genetic algorithm performed better than the information gain-based method, which is generally used as a feature selection method. Moreover, machine learning using the proposed genetic algorithm-based feature selection has an absolute advantage in terms of time compared to machine learning without feature selection. The results indicate that incorporating genetic algorithms into Android malware detection is a valuable approach. Furthermore, to improve malware detection performance, it is useful to apply genetic algorithm-based feature selection to machine learning.

Android Malware Detection Techniques: A Literature Review

2020 ◽  
Vol 14 ◽  
Author(s):  
Meghna Dhalaria ◽  
Ekta Gandotra
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Malware Detection ◽  
Future Research ◽  
Android Malware ◽  
Detection Techniques ◽  
Android Malware Detection ◽  
Future Research Directions ◽  
To Come ◽  
Tools And Techniques

Purpose: This paper provides the basics of Android malware, its evolution and tools and techniques for malware analysis. Its main aim is to present a review of the literature on Android malware detection using machine learning and deep learning and identify the research gaps. It provides the insights obtained through literature and future research directions which could help researchers to come up with robust and accurate techniques for classification of Android malware. Design/Methodology/Approach: This paper provides a review of the basics of Android malware, its evolution timeline and detection techniques. It includes the tools and techniques for analyzing the Android malware statically and dynamically for extracting features and finally classifying these using machine learning and deep learning algorithms. Findings: The number of Android users is expanding very fast due to the popularity of Android devices. As a result, there are more risks to Android users due to the exponential growth of Android malware. On-going research aims to overcome the constraints of earlier approaches for malware detection. As the evolving malware are complex and sophisticated, earlier approaches like signature based and machine learning based are not able to identify these timely and accurately. The findings from the review shows various limitations of earlier techniques i.e. requires more detection time, high false positive and false negative rate, low accuracy in detecting sophisticated malware and less flexible. Originality/value: This paper provides a systematic and comprehensive review on the tools and techniques being employed for analysis, classification and identification of Android malicious applications. It includes the timeline of Android malware evolution, tools and techniques for analyzing these statically and dynamically for the purpose of extracting features and finally using these features for their detection and classification using machine learning and deep learning algorithms. On the basis of the detailed literature review, various research gaps are listed. The paper also provides future research directions and insights which could help researchers to come up with innovative and robust techniques for detecting and classifying the Android malware.

An Opcode-Based Malware Detection Model Using Supervised Learning Algorithms

2021 ◽  
Vol 15 (4) ◽  
pp. 18-30
Author(s):  
Om Prakash Samantray ◽  
Satya Narayan Tripathy
Keyword(s):  
Supervised Learning ◽  
Learning Algorithms ◽  
Malware Detection ◽  
Support Vector ◽  
Detection Accuracy ◽  
Detection Techniques ◽  
Detection Model ◽  
Proposed Model ◽  
Tree Classifier ◽  
Supervised Learning Algorithms

There are several malware detection techniques available that are based on a signature-based approach. This approach can detect known malware very effectively but sometimes may fail to detect unknown or zero-day attacks. In this article, the authors have proposed a malware detection model that uses operation codes of malicious and benign executables as the feature. The proposed model uses opcode extract and count (OPEC) algorithm to prepare the opcode feature vector for the experiment. Most relevant features are selected using extra tree classifier feature selection technique and then passed through several supervised learning algorithms like support vector machine, naive bayes, decision tree, random forest, logistic regression, and k-nearest neighbour to build classification models for malware detection. The proposed model has achieved a detection accuracy of 98.7%, which makes this model better than many of the similar works discussed in the literature.

Towards Deep Learning-Based Approach for Detecting Android Malware

2021 ◽  
pp. 2193-2219
Author(s):  
Jarrett Booz ◽  
Josh McGiff ◽  
William G. Hatcher ◽  
Wei Yu ◽  
James Nguyen ◽  
...  
Keyword(s):  
Machine Learning ◽  
Deep Learning ◽  
Learning Environment ◽  
Malware Detection ◽  
Extensive Study ◽  
Detection Accuracy ◽  
Android Malware ◽  
Android Malware Detection ◽  
Mobile Malware Detection ◽  
Optimal Settings

In this article, the authors implement a deep learning environment and fine-tune parameters to determine the optimal settings for the classification of Android malware from extracted permission data. By determining the optimal settings, the authors demonstrate the potential performance of a deep learning environment for Android malware detection. Specifically, an extensive study is conducted on various hyper-parameters to determine optimal configurations, and then a performance evaluation is carried out on those configurations to compare and maximize detection accuracy in our target networks. The results achieve a detection accuracy of approximately 95%, with an approximate F1 score of 93%. In addition, the evaluation is extended to include other machine learning frameworks, specifically comparing Microsoft Cognitive Toolkit (CNTK) and Theano with TensorFlow. The future needs are discussed in the realm of machine learning for mobile malware detection, including adversarial training, scalability, and the evaluation of additional data and features.

scholarly journals Adversarial Samples on Android Malware Detection Systems for IoT Systems

Sensors ◽  
2019 ◽  
Vol 19 (4) ◽  
pp. 974 ◽  
Author(s):  
Xiaolei Liu ◽  
Xiaojiang Du ◽  
Xiaosong Zhang ◽  
Qingxin Zhu ◽  
Hao Wang ◽  
...  
Keyword(s):  
Detection System ◽  
Fitness Function ◽  
Malware Detection ◽  
Security Analysis ◽  
Machine Learning Algorithms ◽  
Android Malware ◽  
Testing Framework ◽  
Detection Systems ◽  
Android Malware Detection ◽  
Iot Devices

Many IoT (Internet of Things) systems run Android systems or Android-like systems. With the continuous development of machine learning algorithms, the learning-based Android malware detection system for IoT devices has gradually increased. However, these learning-based detection models are often vulnerable to adversarial samples. An automated testing framework is needed to help these learning-based malware detection systems for IoT devices perform security analysis. The current methods of generating adversarial samples mostly require training parameters of models and most of the methods are aimed at image data. To solve this problem, we propose a testing framework for learning-based Android malware detection systems (TLAMD) for IoT Devices. The key challenge is how to construct a suitable fitness function to generate an effective adversarial sample without affecting the features of the application. By introducing genetic algorithms and some technical improvements, our test framework can generate adversarial samples for the IoT Android application with a success rate of nearly 100% and can perform black-box testing on the system.

Sign in / Sign up

Export Citation Format

Share Document