A Bayesian probability model for Android malware detection

Mat, Sharfah Ratibah Tuan; Razak, Mohd Faizal Ab; Kahar, Mohd Nizam Mohmad; Arif, Juliza Mohamad; Firdaus, Ahmad

doi:10.1016/j.icte.2021.09.003

Cited by 37 publications

(14 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These results are better than the KNN-based study by Arslan, Doğru & Barişçi (2019) . At the same time, it obtained better results than the Bayesian classifier-based study of Mat et al (2021) . Arslan (2021) achieved 98.16% accuracy in his DNN-based study.…”

Section: Resultsmentioning

confidence: 91%

“…The feature selection process was performed by applying the information gain and chi-square methods to the features they obtained. At the end of the study, they achieved 91.1% accuracy with the Naive Bayes method ( Mat et al, 2021 ).…”

Section: Literature Reviewmentioning

confidence: 99%

“…In the literature, many studies have been done for permission-based malware detection. Especially machine learning-based systems have produced successful results in detecting permission-based malware ( Mat et al, 2021 ; Şahın, Akleylek & Kiliç, 2022 ; Arslan, Doğru & Barişçi, 2019 ; Şahin et al, 2021 ).…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers

Atacak

Kiliç

Doğru

2022

PeerJ Computer Science

View full text Add to dashboard Cite

Background Android is the most widely used operating system all over the world. Due to its open nature, the Android operating system has become the target of malicious coders. Ensuring privacy and security is of great importance to Android users. Methods In this study, a hybrid architecture is proposed for the detection of Android malware from the permission information of applications. The proposed architecture combines the feature extraction power of the convolutional neural network (CNN) architecture and the decision making capability of fuzzy logic. Our method extracts features from permission information with a small number of filters and convolutional layers, and also makes the feature size suitable for ANFIS input. In addition, it allows the permission information to affect the classification without being neglected. In the study, malware was obtained from two different sources and two different data sets were created. In the first dataset, Drebin was used for malware applications, and in the second dataset, CICMalDroid 2020 dataset was used for malware applications. For benign applications, the Google Play Store environment was used. Results With the proposed method, 92% accuracy in the first data set and 92% F-score value in the weighted average was achieved. In the second data set, an accuracy of 94.6% and an F-score of 94.6% on the weighted average were achieved. The results obtained in the study show that the proposed method outperforms both classical machine learning algorithms and fuzzy logic-based studies.

show abstract

Section: Resultsmentioning

confidence: 91%

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers

Atacak

Kiliç

Doğru

2022

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…A mobile malware detection system serves the purpose of identifying malicious software on mobile devices. Given the escalating integration of mobile devices into everyday activities and the escalating risk posed by malicious software, developing such a detection system holds immense importance [9,13]. The function of each component within the system is delineated as follows.…”

Section: Proposed Methodologymentioning

confidence: 99%

Computer Malicious Code Signal Detection based on Big Data Technology

Liu

2023

SCPE

View full text Add to dashboard Cite

The article addresses the challenges modelled by the inadequacy of traditional detection methods in effectively handling the substantial volume of software behavior samples, particularly in big data. A novel approach is proposed for leveraging big data technology to detect malicious computer code signals. Additionally, it seeks to attack the issues associated with machine learning-based mobile malware detection, namely the presence of a large number of features, low accuracy in detection, and imbalanced data distribution. To resolve these challenges, this paper presents a multifaceted methodology. First, it introduces a feature selection technique based on mean and variance analysis to eliminate irrelevant features hindering classification accuracy. Next, a comprehensive classification method is implemented, utilizing various feature extraction techniques such as principal component analysis (PCA), Kaehunen-Loeve transform (KLT), and independent component analysis (ICA). These techniques collectively contribute to enhancing the Precision of the detection process. Recognizing the issue of unbalanced data distribution among software samples, the study proposes a multi-level classification integration model grounded in decision trees. In response, the research focuses on enhancing accuracy and mitigating the impact of data imbalance through a combination of feature selection, extraction techniques, and a multi-level classification model. The empirical results highlight the effectiveness of the proposed methodologies, showcasing notable accuracy improvements ranging from 3.36% to 6.41% across different detection methods on the Android platform. The introduced malware detection technology, grounded in source code analysis, demonstrates a promising capacity to identify Android malware effectively.

show abstract

“…Carefully, zero-day vulnerabilities and advanced malware are still being used, and attackers are deliberately covered up [5], [6]. The use of tools such as legal system management software and operating system features is simple: spear-phishing e-mails and "living out of the field" [3], [7].…”

Section: Introductionmentioning

confidence: 99%

Hermes Ransomware v2.1 Action Monitoring using Next Generation Security Operation Center (NGSOC) Complex Correlation Rules

Dun¹,

Razak²,

Zolkipli³

et al. 2022

International Journal on Advanced Science, Engineering and Information Technology

Self Cite

View full text Add to dashboard Cite

A new malware is identified every fewer than five seconds in today's threat environment, which is changing at a rapid speed. As part of cybercrime, there is a lot of malware activity that can infect the system and make it problematic. Cybercrime is a rapidly growing field, allowing cyber thieves to engage in a wide range of damaging activities. Hacking, scams, child pornography, and identity theft are all examples of cybercrime. Cybercrime victims might be single entities or groups of persons who are being targeted for harm. Cybercrime and malware become more hazardous and damaging because of these factors. Subsequent to these factors, there is a need to construct Next Generation Security Operation Centers (NGSOCs). SOC consists of human resources, processes, and technology designed to deal with security events derived from the Security Incident Event Management (SIEM) log analysis. This research examines how Next Generation Security Operation Centers (NGSOCs) respond to malicious activity. This study develops a use case to detect the latest Hermes Ransomware v2.1 malware using complex correlation rules for the SIEM anomalies engine. This study aims to analyze and detect Hermes Ransomware v2.1. As a result, NGSOC distinguishes malware activities' initial stages by halting traffic attempts to download malware. By forwarding logs to SIEM, the use case can support Threat Analyst in finding other Indicators of Compromise (IOC) to assist organizations in developing a systematic and more preemptive approach for ransomware detection.

show abstract

A Bayesian probability model for Android malware detection

Cited by 37 publications

References 19 publications

Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers

Android malware detection using hybrid ANFIS architecture with low computational cost convolutional layers

Computer Malicious Code Signal Detection based on Big Data Technology

Hermes Ransomware v2.1 Action Monitoring using Next Generation Security Operation Center (NGSOC) Complex Correlation Rules

Contact Info

Product

Resources

About