Evaluation of machine learning classifiers for mobile malware detection

Narudin, Fairuz Amalina; Feizollah, Ali; Anuar, Nor Badrul; Gani, Abdullah

doi:10.1007/s00500-014-1511-6

Cited by 322 publications

(137 citation statements)

References 48 publications

Supporting

Mentioning

126

Contrasting

Unclassified

Order By: Relevance

“…Narudin et al [84] evaluates logical-based, perceptron-based, static-based and instance-based classifiers evaluating in mobile applications. Arshad et al [85] surveys static based approaches (i.e.…”

Section: Platforms and Iot Malwarementioning

confidence: 99%

Internet of Things Malware : A Survey

Karanja¹,

Masupe²,

Jeffrey³

2017

IJCSES

View full text Add to dashboard Cite

show abstract

Section: Platforms and Iot Malwarementioning

confidence: 99%

Internet of Things Malware : A Survey

Karanja¹,

Masupe²,

Jeffrey³

2017

IJCSES

View full text Add to dashboard Cite

show abstract

“…More recently, new malware such as the BrainTest [3], have succeeded in infecting over half a million Android devices, targeting Google Play in particular. Many recent studies have resulted in a number of automated approaches to tackle the spread of malware [4] [5] [6] [7]. Static analysis techniques, which have traditionally been used for detecting malware targeting desktop computers, have recently gained popularity as effective measures for the protection of mobile applications [8].…”

Section: Introductionmentioning

confidence: 99%

AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection

Feizollah

Anuar

Salleh

et al. 2017

Computers & Security

Self Cite

211

View full text Add to dashboard Cite

The wide popularity of Android systems has been accompanied by increase in the number of malware targeting these systems. This is largely due to the open nature of the Android framework that facilitates the incorporation of third-party applications running on top of any Android device. Inter-process communication is one of the most notable features of the Android framework as it allows the reuse of components across process boundaries. This mechanism is used as gateway to access different sensitive services in the Android framework. In the Android platform, this communication system is usually driven by a late runtime binding messaging object known as Intent. In this paper, we evaluate the effectiveness of Android Intents (explicit and implicit) as a distinguishing feature for identifying malicious applications. We show that Intents are semantically rich features that are able to encode the intentions of malware when compared to other well-studied features such as permissions. We also argue that this type of feature is not the ultimate solution. It should be used in conjunction with other known features. We conducted experiments using a dataset containing 7,406 applications that comprise of 1,846 clean and 5,560 infected applications. The results show detection rate of 91% using Android Intent against 83% using Android permission. Additionally, experiment on combination of both features results in detection rate of 95.5%.

show abstract

“…They enable an application to create windows that can be shown on top of other applications and even execute tasks on them, these abilities made them an extremely attractive target for malware developers to perform tapjacking attacks. A significantly sophisticated new form of Android ransomware/Android.Lockdroid.E is detected [4], this variant of ransomware malware employs the accessibility tapjacking method to pose a real threat for more than 67% of Android devices. Table 2 above shows the testing and training RMSE for both ANFIS and PSO-ANFIS using the features selected by the proposed dual-stage method based on the five-fold crossvalidation.…”

Section: Experiments and Results Discussionmentioning

confidence: 99%

“…Detecting the huge number of Android malware and isolating them from application markets is potential and great challenging issue. Very recently in 2016, a significantly sophisticated new form of Android ransomware/Android.Lockdroid.E is detected by Symantec, this variant of ransomware malware employs the accessibility tapjacking method to pose a real threat for more than 67% of Android devices [4].…”

Section: Introductionmentioning

confidence: 99%

Intelligent Hybrid Approach for Android Malware Detection based on Permissions and API Calls

Altaher¹,

Barukab²

2017

ijacsa

View full text Add to dashboard Cite

Abstract-Android malware is rapidly becoming a potential threat to users. The number of Android malware is growing exponentially; they become significantly sophisticated and cause potential financial and information losses for users. Hence, there is a need for effective and efficient techniques to detect the Android malware applications. This paper proposes an intelligent hybrid approach for Android malware detection using the permissions and API calls in the Android application. The proposed approach consists of two steps. The first step involves finding the most significant permissions and Application Programming Interfaces (API) calls that leads to efficient discrimination between the malware and good ware applications. For this purpose, two features selection algorithms, Information Gain (IG) and Pearson CorrCoef (PC) are employed to rank the individual permissions and API's calls based on their importance for classification. In the second step, the proposed new hybrid approach for Android malware detection based on the combination of the Adaptive neural fuzzy Inference System (ANFIS) with the Particle Swarm Optimization (PSO), is employed to differentiate between the malware and goodware Android applications (apps). The PSO is intelligently utilized to optimize the ANFIS parameters by tuning its membership functions to generate reliable and more precise fuzzy rules for Android apps classification. Using a dataset consists of 250 goodware and 250 malware apps collected from different recourse, the conducted experiments show that the suggested method for Android malware detection is effective and achieved an accuracy of 89%.

show abstract

Evaluation of machine learning classifiers for mobile malware detection

Cited by 322 publications

References 48 publications

Internet of Things Malware : A Survey

Internet of Things Malware : A Survey

AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection

Intelligent Hybrid Approach for Android Malware Detection based on Permissions and API Calls

Contact Info

Product

Resources

About