Android malware detection with unbiased confidence guarantees

Papadopoulos, Harris; Georgiou, Nestoras; Eliades, Charalambos; Konstantinidis, Andreas

doi:10.1016/j.neucom.2017.08.072

Cited by 30 publications

(9 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Papadopoulos et al [13] introduced the problem by proposing a methodology that was found to provide significant trust certifications as to the location of the malware. In addition, extraordinary comfort is guaranteed to both unsafe classes and benevolent sources free from each other and is not affected by any informative provision.…”

Section: Related Workmentioning

confidence: 99%

Analysis of Malware Detection and Signature Generation Using a Novel Hybrid Approach

Dugyala¹,

Reddy²,

Viswanadhula³

et al. 2022

Mathematical Problems in Engineering

View full text Add to dashboard Cite

In recent years, malware detection has become necessary to improve system performance and prevent programs from infecting your computer. Signature-based malware failed to detect most new organisms. This article presents the hybrid technique to automatically generate and classify malicious signatures. The hybrid method is called the ANFIS-SSA approach. The hybrid system includes the Adaptive Neuro Fuzzy Interference System (ANFIS) and the Salp Swarm Optimization (SSA). Based on this observation, we propose a hybrid approach to detect malware using malware terminology and its API calls to each other. We create the master signature for the entire malware category, not the malicious template. This signature can also identify unknown extended variants of this class. We show our approach in some common malware classes, which show that each extended version of the malware class is recognized by its original signature. The proposed method is integrated into the Matlab/Simulink operating system and is comparable to existing secure methods. SAFE creates an abstract model for the malicious code and converts it to an internal representation.

show abstract

Section: Related Workmentioning

confidence: 99%

Analysis of Malware Detection and Signature Generation Using a Novel Hybrid Approach

Dugyala¹,

Reddy²,

Viswanadhula³

et al. 2022

Mathematical Problems in Engineering

View full text Add to dashboard Cite

show abstract

“…In [14], the n-gram sequences have been extracted from the opcode of both benign and malware Android applications to generate reduced feature vectors used in training Support Vector Machines (SVM) and Random Forest (RF) classifiers. In [15], the APK files have been installed on a real Android smartphone and multiple dynamic features including Binder, Battery, Memory, CPU and Network behaviour have been collected and used in malware classification. A dynamic analysis framework has been proposed by [16] for classifying android apps based on monitoring the apps' runtime behaviour and malicious URLs and correlating them with DNS service network traffic in order to detect the malicious behaviour at the network level.…”

Section: Related Workmentioning

confidence: 99%

Android malware detection based on image-based features and machine learning techniques

Ünver

Bakour

2020

SN Appl. Sci.

View full text Add to dashboard Cite

In this paper, a malware classification model has been proposed for detecting malware samples in the Android environment. The proposed model is based on converting some files from the source of the Android applications into grayscale images. Some image-based local features and global features, including four different types of local features and three different types of global features, have been extracted from the constructed grayscale image datasets and used for training the proposed model. To the best of our knowledge, this type of features is used for the first time in the Android malware detection domain. Moreover, the bag of visual words algorithm has been used to construct one feature vector from the descriptors of the local feature extracted from each image. The extracted local and global features have been used for training multiple machine learning classifiers including Random forest, k-nearest neighbors, Decision Tree, Bagging, AdaBoost and Gradient Boost. The proposed method obtained a very high classification accuracy reached 98.75% with a typical computational time does not exceed 0.018 s for each sample. The results of the proposed model outperformed the results of all compared state-of-art models in term of both classification accuracy and computational time.

show abstract

“…The intelligent Android malware detection approach based on dynamic analysis has been suggested in several research studies. For instance, [19] applied dynamic analysis using the Random Forest algorithm as a machine learning algorithm and proposed the Conformal Prediction model assessed on 1,866 malware and 4,816 benign applications on a real Android device. DroidDolphin [20] is a dynamic malware analysis framework that uses GUI-based testing, big data analysis, and machine learning to detect Android malware.…”

Section: B Intelligent Android Malware Detection Approach Based On Dmentioning

confidence: 99%

“…The study of [19] adopted a machine learning approach that used the dataflow application program interfaces (API) to collect features and use them to detect malware apps. A thorough analysis was conducted to extract features and improve the k-nearest neighbor classification model.…”

Section: Other Advanced Intelligent Techniquesmentioning

confidence: 99%

Empirical Study on Intelligent Android Malware Detection based on Supervised Machine Learning

Abdullah¹,

Ali²,

Abdulghafor³

2020

IJACSA

View full text Add to dashboard Cite

The increasing number of mobile devices using the Android operating system in the market makes these devices the first target for malicious applications. In recent years, several Android malware applications were developed to perform certain illegitimate activities and harmful actions on mobile devices. In response, specific tools and anti-virus programs used conventional signature-based methods in order to detect such Android malware applications. However, the most recent Android malware apps, such as zero-day, cannot be detected through conventional methods that are still based on fixed signatures or identifiers. Therefore, the most recently published research studies have suggested machine learning techniques as an alternative method to detect Android malware due to their ability to learn and use the existing information to detect the new Android malware apps. This paper presents the basic concepts of Android architecture, Android malware, and permission features utilized as effective malware predictors. Furthermore, a comprehensive review of the existing static, dynamic, and hybrid Android malware detection approaches is presented in this study. More significantly, this paper empirically discusses and compares the performances of six supervised machine learning algorithms, known as K-Nearest Neighbors (K-NN), Decision Tree (DT), Support Vector Machine (SVM), Random Forest (RF), Naïve Bayes (NB), and Logistic Regression (LR), which are commonly used in the literature for detecting malware apps.

show abstract

Android malware detection with unbiased confidence guarantees

Cited by 30 publications

References 8 publications

Analysis of Malware Detection and Signature Generation Using a Novel Hybrid Approach

Analysis of Malware Detection and Signature Generation Using a Novel Hybrid Approach

Android malware detection based on image-based features and machine learning techniques

Empirical Study on Intelligent Android Malware Detection based on Supervised Machine Learning

Contact Info

Product

Resources

About