Malware Detection in Android Apps Using Static Analysis

2022 ◽  
Vol 24 (3) ◽  
pp. 1-25
Author(s):  
Nishtha Paul ◽  
Arpita Jadhav Bhatt ◽  
Sakeena Rizvi ◽  
Shubhangi

The frequency of malware attacks because of Android apps is increasing day by day. Current studies have revealed startling facts about data harvesting incidents, where users’ personal data is at stake. To preserve the privacy of users, a permission-induced risk interface, MalApp, is proposed to identify privacy violations arising from granting permissions during app installation. It comprises a multi-fold process that performs static analysis based on the app’s category. First, the concept of reverse engineering is applied to extract app permissions to construct a Boolean-valued permission matrix. Second, ranking of permissions is done to identify the risky permissions across categories. Third, machine learning and ensembling techniques have been incorporated to test the efficacy of the proposed approach on a data set of 404 benign and 409 malicious apps. The empirical studies have identified that our proposed algorithm gives a best-case malware detection rate of 98.33%. The highlight of the interface is that any app can be classified as benign or malicious even before running it, using static analysis.



Author(s):  
Syed Khurram Jah Rizvi ◽  
Warda Aslam ◽  
Muhammad Shahzad ◽  
Shahzad Saleem ◽  
Muhammad Moazam Fraz

Abstract: Enterprises are striving to remain protected against malware-based cyber-attacks on their infrastructure, facilities, networks and systems. Static analysis is an effective approach to detect the malware, i.e., malicious Portable Executable (PE). It performs an in-depth analysis of PE files without executing, which is highly useful to minimize the risk of malicious PE contaminating the system. Yet, instant detection using static analysis has become very difficult due to the exponential rise in volume and variety of malware. The compelling need of early stage detection of malware-based attacks significantly motivates research inclination towards automated malware detection. The recent machine learning aided malware detection approaches using static analysis are mostly supervised. Supervised malware detection using static analysis requires manual labelling and human feedback; therefore, it is less effective in rapidly evolutionary and dynamic threat space. To this end, we propose a progressive deep unsupervised framework with feature attention block for static analysis-based malware detection (PROUD-MAL). The framework is based on cascading blocks of unsupervised clustering and features attention-based deep neural network. The proposed deep neural network embedded with feature attention block is trained on the pseudo labels. To evaluate the proposed unsupervised framework, we collected a real-time malware dataset by deploying low and high interaction honeypots on an enterprise organizational network. Moreover, endpoint security solution is also deployed on an enterprise organizational network to collect malware samples. After post processing and cleaning, the novel dataset consists of 15,457 PE samples comprising 8775 malicious and 6681 benign ones. The proposed PROUD-MAL framework achieved an accuracy of more than 98.09% with better quantitative performance in standard evaluation parameters on collected dataset and outperformed other conventional machine learning algorithms. The implementation and dataset are available at https://bit.ly/35Sne3a.


2017 ◽  
Vol 2017 ◽  
pp. 1-14 ◽  
Author(s):  
Xin Wang ◽  
Dafang Zhang ◽  
Xin Su ◽  
Wenjia Li

In recent years, Android malware has continued to grow at an alarming rate. More recent malicious apps’ employing highly sophisticated detection avoidance techniques makes the traditional machine learning based malware detection methods far less effective. More specifically, they cannot cope with various types of Android malware and have limitation in detection by utilizing a single classification algorithm. To address this limitation, we propose a novel approach in this paper that leverages parallel machine learning and information fusion techniques for better Android malware detection, which is named Mlifdect. To implement this approach, we first extract eight types of features from static analysis on Android apps and build two kinds of feature sets after feature selection. Then, a parallel machine learning detection model is developed for speeding up the process of classification. Finally, we investigate the probability analysis based and Dempster-Shafer theory based information fusion approaches which can effectively obtain the detection results. To validate our method, other state-of-the-art detection works are selected for comparison with real-world Android apps. The experimental results demonstrate that Mlifdect is capable of achieving higher detection accuracy as well as a remarkable run-time efficiency compared to the existing malware detection solutions.


Author(s):  
Suhaib Jasim Hamdi ◽  
Ibrahim Mahmood Ibrahim ◽  
Naaman Omar ◽  
Omar M. Ahmed ◽  
Zryan Najat Rashid ◽  
...  

Android is now the world's (or one of the world’s) most popular operating system. More and more malware assaults are taking place in Android applications. Many security detection techniques based on Android Apps are now available. The open environmental feature of the Android environment has given Android an extensive appeal in recent years. The growing number of mobile devices are incorporated in many aspects of our everyday lives. This paper gives a detailed comparison that summarizes and analyses various detection techniques. This work examines the current status of Android malware detection methods, with an emphasis on Machine Learning-based classifiers for detecting malicious software on Android devices. Android has a huge number of apps that may be downloaded and used for free. Consequently, Android phones are more susceptible to malware. As a result, additional research has been done in order to develop effective malware detection methods. To begin, several of the currently available Android malware detection approaches are carefully examined and classified based on their detection methodologies. This study examines a wide range of machine-learning-based methods for detecting Android malware, covering both dynamic and static types.


Author(s):  
Suhaib Jasim Hamdi ◽  
Naaman Omar ◽  
Adel AL-zebari ◽  
Karwan Jameel Merceedi ◽  
Abdulraheem Jamil Ahmed ◽  
...  

Mobile malware is malicious software that targets mobile phones or wireless-enabled Personal digital assistants (PDA), by causing the collapse of the system and loss or leakage of confidential information. As wireless phones and PDA networks have become more and more common and have grown in complexity, it has become increasingly difficult to ensure their safety and security against electronic attacks in the form of viruses or other malware. Android is now the world's most popular OS. More and more malware assaults are taking place in Android applications. Many security detection techniques based on Android Apps are now available. Android applications are developing rapidly across the mobile ecosystem, but Android malware is also emerging in an endless stream. Many researchers have studied the problem of Android malware detection and have put forward theories and methods from different perspectives. Existing research suggests that machine learning is an effective and promising way to detect Android malware. Notwithstanding, there exist reviews that have surveyed different issues related to Android malware detection based on machine learning. The open environmental feature of the Android environment has given Android an extensive appeal in recent years. The growing number of mobile devices are incorporated in many aspects of our everyday lives. In today’s digital world most of the anti-malware tools are signature based which is ineffective to detect advanced unknown malware viz. Android OS, which is the most prevalent operating system (OS), has enjoyed immense popularity for smart phones over the past few years. Seizing this opportunity, cybercrime will occur in the form of piracy and malware. Traditional detection does not suffice to combat newly created advanced malware. So, there is a need for smart malware detection systems to reduce malicious activities risk. The present paper includes a thorough comparison that summarizes and analyses the various detection techniques.


Attacks on users through mobile devices in general, and mobile devices with the Android operating system in particular, have been causing many serious consequences. Research [1] lists the vulnerabilities found in the Android operating system, making it the preferred target of cyberattackers. Report [2] gives statistics on the number of cyberattacks via mobile devices and mobile devices using the Android operating system. The report points out the insecurity of information from applications downloaded by users from Android app stores. Therefore, to prevent the attack and distribution of malware through Android apps, it is necessary to research methods of detecting malicious code from the time users download applications to their devices. Recent approaches often rely on static analysis and dynamic analysis to look for unusual behavior in applications. In this paper, we will propose the use of static analysis techniques to build a behavior of malicious code in the application and machine learning algorithms to detect malicious behavior.


In the current internet world, customers prefer to buy products online rather than spending their time in showrooms. The number of online wine customers increases day by day due to the availability of high brands from online sellers. So customers buy wine products based on the product description and the satisfaction of other customers who have bought before. This makes the industries focus on machine learning that concentrates on target transformation of the dependent variable. This paper endeavors to forecast the customer segmentation for the wine data set extracted from the UCI Machine Learning Repository. The raw wine data set is subjected to target transformation for various classifiers like Huber Regressor, SGD Regressor, RidgeCV Regression, Logistic RegressionCV and Passive Aggressive Regressor. The performance of the various classifiers is analyzed with and without target transformation using metrics like Mean Absolute Error and R2 Score. The implementation is done in Anaconda Navigator with Python. Experimental results show that after applying target transformation RidgeCV Regression is found to be effective with an R2 Score of 82% and Mean Absolute Error of 0.0 compared to other classifiers.


2020 ◽  
Vol 8 (5) ◽  
pp. 1414-1417

In recent years, the usage of smartphones has been increasing steadily, and the number of Android application users is also growing. Due to the growth in Android application users, some intruders are creating malicious Android applications as tools to steal sensitive data. We need an effective and efficient malicious application detection tool to handle new, complex malicious apps created by intruders or hackers. This project deals with the idea of using machine learning approaches for detecting malicious Android applications. First, we have to gather a dataset of past malicious apps as a training set, and with the help of the Support Vector Machine algorithm and the decision tree algorithm make a comparison between the training dataset and the trained dataset, so that we can predict malware Android apps, up to 93.2% of unknown/new malware mobile applications. By implementing SIGPID, Significant Permission Identification (SIGPID). The goal of SIGPID is to improve the app's permissions effectively and efficiently. This SIGPID system improves the accuracy and efficient detection of malware applications. With the help of machine learning algorithms such as SVM, Random Forest Classifier and Decision Tree algorithms, we make a comparison between the training dataset and the trained dataset to classify malicious applications and benign apps.


Abstract: The dreadful growth rate of malicious apps has become a significant issue that sets back the prosperous mobile ecosystem. A recent report indicates that a new malicious app for Android is introduced every ten seconds. To combat this serious malware campaign, we need a scalable malware detection approach that can effectively and efficiently identify malware apps. Various malware detection tools have been developed, including system-level and network-level approaches. However, scaling the detection for a large bundle of apps remains a difficult task. In this paper, we introduce SIGPID, a malware detection system based on permission usage analysis to address the rapid increase in the number of Android malware. Instead of extracting and analyzing all Android permissions, we develop 3 levels of pruning by mining the permission data to identify the most important permissions that can be effective in distinguishing between benign and malicious apps. SIGPID then utilizes machine-learning-based classification methods to classify different families of malware and benign apps. Our analysis finds that only 22 permissions are important. We then compare the performance of our approach, using only 22 permissions, against a baseline approach that analyzes all permissions. The results indicate that when Support Vector Machine (SVM) is used as the classifier, we are able to achieve over 90% of precision, recall, accuracy, and F-measure, which are about the same as those produced by the baseline approach while incurring analysis times that are four to thirty-two times less than those of using all permissions. Compared against other state-of-the-art approaches, SIGPID is more effective by detecting 93.62% of malware in the data set, and 91.4% of unknown/new malware samples.
Keywords: SIGPID (Significant Permission Identification), SVM (Support Vector Machine), Android, Malware, Benign, Data pruning

