Open Access Peer-reviewed Research Article

Analyzing and comparing the effectiveness of various machine learning algorithms for Android malware detection

Main Article Content

Muhammad Shoaib Akhtar corresponding author

Abstract

Android is the most extensively adopted mobile operating system in the world. The free third-party programmes that may be downloaded and installed contribute to this success by offering a wide range of features and functionalities. However, the freedom to utilize any third-party programme has spawned a never-ending tide of ever-evolving malicious software intending to harm the user in some way, shape, or form. In this work, we propose and show many methods for detecting malware on Android. An in-process detection system is built, including data analytics. It may use the detection system to look over your current app set and find any malicious software so you can remove it. Models based on machine learning allow for this to be accomplished. It has been investigated how well the models perform with two distinct feature sets: permissions and signatures. Initially, each dataset undergoes exploratory data analysis and feature engineering to narrow down the vast array of attributes. The next step is to determine if an application is malicious or safe using one of many supervised classification models derived from data mining. Different models' performance metrics are examined to find the method that provides the best outcomes for this malware detection task. Ultimately, it is seen that the signatures-based method is superior to the permissions-based. Classification methods such as k-nearest neighbours (kNN), logistic regression, support vector machines (SVM), and random forests (RF) are all equivalent in their efficacy.

Keywords
Android, cyber security, cyber warfare, malware detection

Article Details

How to Cite
Akhtar, M. (2022). Analyzing and comparing the effectiveness of various machine learning algorithms for Android malware detection. Advances in Mobile Learning Educational Research, 3(1), 570-578. https://doi.org/10.25082/AMLER.2023.01.005

References

  1. Alfalqi, K., Alghamdi, R., & Waqdan, M. (2015). Android platform malware analysis. International Journal of Advanced Computer Science and Applications (IJACSA), 6, 140-146. https://doi.org/10.14569/IJACSA.2015.060120
  2. Alqahtani, E. J., Zagrouba, R., & Almuhaideb, A. (2019). A Survey on Android Malware Detection Techniques Using Machine Learning Algorithms. In 2019 Sixth International Conference on Software Defined Systems (SDS) (pp. 110-117). IEEE. https://doi.org/10.1109/SDS.2019.8768729
  3. Altaher, A. (2016). Classification of android malware applications using feature selection and classification algorithms. VAWKUM Transactions on Computer Sciences, 10(1), 1-5. https://doi.org/10.21015/vtcs.v10i1.412
  4. Anderson, B., Storlie, C., & Lane, T. (2012). Improving malware classification: bridging the static/dynamic gap. In Proceedings of the 5th ACM workshop on Security and artificial intelligence (pp. 3-14). https://doi.org/10.1145/2381896.2381900
  5. Arshad, S., Shah, M. A., Khan, A., & Ahmed, M. (2016). Android malware detection & protection: a survey. International Journal of Advanced Computer Science and Applications, 7(2). https://doi.org/10.14569/IJACSA.2016.070262
  6. Arshad, S., Shah, M. A., Wahid, A., Mehmood, A., Song, H., & Yu, H. (2018). SAMADroid: a novel 3-level hybrid malware detection model for android operating system. IEEE Access, 6, 4321-4339. https://doi.org/10.1109/ACCESS.2018.2792941
  7. Barsiya, T. K., Gyanchandani, M., & Wadhwani, B. (20016). Android malware analysis: A survey. International Journal of Control, Automation, Communication and Systems (IJCACS), 1(1), 35-42. https://doi.org/10.5121/ijcacs.2016.1105
  8. Chang, W. L., Sun, H. M., & Wu, W. (2016). An android behavior-based malware detection method using machine learning. In 2016 IEEE International conference on signal processing, communications and computing (ICSPCC) (pp. 1-4). IEEE. https://doi.org/10.1109/ICSPCC.2016.7753624
  9. Damshenas, M., Dehghantanha, A., & Mahmoud, R. (2013). A survey on malware propagation, analysis, and detection. International Journal of Cyber-Security and Digital Forensics, 2(4), 10-30.
  10. Fatima, A., Maurya, R., Dutta, M. K., Burget, R., & Masek, J. (2019). Android malware detection using genetic algorithm based optimized feature selection and machine learning. In 2019 42nd International conference on telecommunications and signal processing (TSP) (pp. 220-223), IEEE. https://doi.org/10.1109/TSP.2019.8769039
  11. Feizollah, A., Anuar, N. B., Salleh, R., & Wahab, A. W. A. (2015). A review on feature selection in mobile malware detection. Digital investigation, 13, 22-37. https://doi.org/10.1016/j.diin.2015.02.001
  12. Firdaus, A., Anuar, N. B., Karim, A., & Razak, M. F. A. (2018). Discovering optimal features using static analysis and a genetic search based method for Android malware detection. Frontiers of Information Technology & Electronic Engineering, 19(6), 712-736. https://doi.org/10.1631/FITEE.1601491
  13. Firdausi, I., Erwin, A., & Nugroho, A. S. (2010, December). Analysis of machine learning techniques used in behavior-based malware detection. In 2010 second international conference on advances in computing, control, and telecommunication technologies (pp. 201-203). IEEE. https://doi.org/10.1109/ACT.2010.33
  14. Hahn, S., Protsenko, M., & Müller, T. (2016). Comparative evaluation of machine learning-based malware detection on android. Sicherheit 2016-Sicherheit, Schutz und Zuverlässigkeit.
  15. Kim, T., Kang, B., Rho, M., Sezer, S., & Im, E. G. (2018). A multimodal deep learning method for android malware detection using various features. IEEE Transactions on Information Forensics and Security, 14(3), 773-788. https://doi.org/10.1109/TIFS.2018.2866319
  16. Kumaran, M., & Li, W. (2016). Lightweight malware detection based on machine learning algorithms and the android manifest file. In 2016 IEEE MIT Undergraduate Research Technology Conference (URTC) (pp. 1-3). IEEE. https://doi.org/10.1109/URTC.2016.8284090
  17. Leeds, M., & Atkison, T. (2016). Preliminary Results of Applying Machine Learning Algorithms to Android Malware Detection. 2016 International Conference on Computational Science and Computational Intelligence (CSCI), 2016, pp. 1070-1073. https://doi.org/10.1109/CSCI.2016.0204
  18. Li, J., Sun, L., Yan, Q., Li, Z., Srisa-An, W., & Ye, H. (2018). Significant permission identification for machine-learning-based android malware detection. IEEE Transactions on Industrial Informatics, 14(7), 3216-3225. https://doi.org/10.1109/TII.2017.2789219
  19. Martín, A., Fuentes-Hurtado, F., Naranjo, V., & Camacho, D. (2017). Evolving deep neural networks architectures for android malware classification. In 2017 IEEE Congress on Evolutionary Computation (CEC) (pp. 1659-1666). IEEE. https://doi.org/10.1109/CEC.2017.7969501
  20. Sawle, P. D., & Gadicha, A. B. (2014). Analysis of malware detection techniques in android. International Journal of Computer Science and Mobile Computing, 3(3), 176-182.
  21. Saracino, A., Sgandurra, D., Dini, G., & Martinelli, F. (2016). Madam: Effective and efficient behavior-based android malware detection and prevention. IEEE Transactions on Dependable and Secure Computing, 15(1), 83-97. https://doi.org/10.1109/TDSC.2016.2536605
  22. Schultz, M. G., Eskin, E., Zadok, F., & Stolfo, S. J. (2000). Data mining methods for detection of new malicious executables. In Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 (pp. 38-49). IEEE. https://doi.org/10.1109/SECPRI.2001.924286
  23. Siddiqui, M., Wang, M. C., & Lee, J. (2009). Detecting internet worms using data mining techniques. Journal of Systemics, Cybernetics and Informatics, 6(6), 48-53.
  24. Soni, H., Arora, P., & Rajeswari, D. (2020). Malicious Application Detection in Android using Machine Learning. In 2020 International Conference on Communication and Signal Processing (ICCSP) (pp. 0846-0848). IEEE. https://doi.org/10.1109/ICCSP48568.2020.9182170
  25. Su, X., Zhang, D., Li, W., & Zhao, K. (2016). A deep learning approach to android malware feature learning and detection. In 2016 IEEE Trustcom/BigDataSE/ISPA (pp. 244-251). IEEE. https://doi.org/10.1109/TrustCom.2016.0070
  26. Tahtaci, B., & Canbay, B. (2020). Android Malware Detection Using Machine Learning. 2020 Innovations in Intelligent Systems and Applications Conference (ASYU), 1-6. https://doi.org/10.1109/ASYU50717.2020.9259834
  27. Tarar, N., Sharma, S., & Krishna, C. R. (2018). Analysis and Classification of Android Malware using Machine Learning Algorithms. In 2018 3rd International Conference on Inventive Computation Technologies (ICICT) (pp. 738-743). IEEE. https://doi.org/10.1109/ICICT43934.2018.9034337
  28. Urooj, B., Shah, M. A., Maple, C., Abbasi, M. K., & Riasat, S. (2022). Malware detection: a framework for reverse engineered android applications through machine learning algorithms. IEEE Access, 10, 89031-89050. https://doi.org/10.1109/ACCESS.2022.3149053
  29. Utku, A., & Doğru, İ. A. (2017). Malware detection system based on machine learning methods for Android operating systems. In 2017 25th Signal Processing and Communications Applications Conference (SIU) (pp. 1-4). IEEE. https://doi.org/10.1109/SIU.2017.7960231
  30. Vanjire, S., & Lakshmi, M. (2021). Behavior-Based Malware Detection System Approach For Mobile Security Using Machine Learning. In 2021 International Conference on Artificial Intelligence and Machine Vision (AIMV) (pp. 1-4). IEEE. https://doi.org/10.1109/AIMV53313.2021.9671009
  31. Varma, P. R. K., Kumari, V. V., & Kumar, S. S. (2015). A novel rough set attribute reduction based on ant colony optimisation. International Journal of Intelligent systems Technologies and applications, 14(3-4), 330-353. https://doi.org/10.1504/IJISTA.2015.074333
  32. Varma, P. R. K., Raj, K. P., & Raju, K. S. (2017). Android mobile security by detecting and classification of malware based on permissions using machine learning algorithms. In 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC) (pp. 294-299). IEEE. https://doi.org/10.1109/I-SMAC.2017.8058358
  33. Westyarian, W., Rosmansyah, Y., & Dabarsyah, B. (2015). Malware detection on Android smartphones using API class and machine learning. 2015 International Conference on Electrical Engineering and Informatics (ICEEI), 294-297. https://doi.org/10.1109/ICEEI.2015.7352513
  34. Zhao, K., Zhang, D., Su, X., & Li, W. (2015). Fest: A feature extraction and selection tool for Android malware detection. In 2015 IEEE symposium on computers and communication (ISCC) (pp. 714-720). IEEE. https://doi.org/10.1109/ISCC.2015.7405598
  35. Varma, P. R. K., Kumari, V. V., & Kumar, S. S. (2015). A novel rough set attribute reduction based on ant colony optimisation. International Journal of Intelligent systems Technologies and applications, 14(3-4), 330-353. https://doi.org/10.1504/IJISTA.2015.074333
  36. Varma, P. R. K., Raj, K. P., & Raju, K. S. (2017). Android mobile security by detecting and classification of malware based on permissions using machine learning algorithms. In 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC) (pp. 294-299). IEEE. https://doi.org/10.1109/I-SMAC.2017.8058358
  37. Westyarian, W., Rosmansyah, Y., & Dabarsyah, B. (2015). Malware detection on Android smartphones using API class and machine learning. 2015 International Conference on Electrical Engineering and Informatics (ICEEI), 294-297. https://doi.org/10.1109/ICEEI.2015.7352513
  38. Zhao, K., Zhang, D., Su, X., & Li, W. (2015). Fest: A feature extraction and selection tool for Android malware detection. In 2015 IEEE symposium on computers and communication (ISCC) (pp. 714-720). IEEE. https://doi.org/10.1109/ISCC.2015.7405598