Analyzing and comparing the effectiveness of various machine learning algorithms for Android malware detection
Abstract
Android is the most widely adopted mobile operating system in the world. The free third-party programmes that can be downloaded and installed contribute to this success by offering a wide range of features and functionality. However, the freedom to use any third-party programme has spawned a never-ending tide of ever-evolving malicious software intended to harm the user in one way or another. In this work, we propose and demonstrate multiple methods for detecting malware on Android. An in-process detection system is built, including data analytics. The detection system can be used to scan the set of currently installed apps and find any malicious software so that it can be removed. This is accomplished with models based on machine learning. The performance of the models is investigated with two distinct feature sets: permissions and signatures. First, each dataset undergoes exploratory data analysis and feature engineering to narrow down the vast array of attributes. The next step is to determine whether an application is malicious or safe using one of several supervised classification models derived from data mining. The performance metrics of the different models are examined to find the method that gives the best results for this malware detection task. Ultimately, the signatures-based method is found to be superior to the permissions-based one. Classification methods such as k-nearest neighbours (kNN), logistic regression, support vector machines (SVM), and random forests (RF) are all equivalent in their efficacy.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.