Identification of malicious android app using manifest and opcode features

Varsha, M.; Vinod, P.; Dhanya, K. A.

doi:10.1007/s11416-016-0277-z

Cited by 42 publications

(24 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The machine learning based detection proposed in the papers were based on API calls, intents, permissions and embedded commands. Varsha et al [15] investigated SVM, Random Forest and Rotation Forests on three datasets; their detection method employed static features extracted from the manifest and application executable files.…”

Section: A Static Analysis With Traditional Classifiersmentioning

confidence: 99%

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Yerima

Sezer

2019

IEEE Trans. Cybern.

151

View full text Add to dashboard Cite

Abstract-Android malware has continued to grow in volume and complexity posing significant threats to the security of mobile devices and the services they enable. This has prompted increasing interest in employing machine learning to improve Android malware detection. In this paper we present a novel classifier fusion approach based on a multilevel architecture that enables effective combination of machine learning algorithms for improved accuracy. The framework (called DroidFusion), generates a model by training base classifiers at a lower level and then applies a set of ranking-based algorithms on their predictive accuracies at the higher level in order to derive a final classifier. The induced multilevel DroidFusion model can then be utilized as an improved accuracy predictor for Android malware detection. We present experimental results on four separate datasets to demonstrate the effectiveness of our proposed approach. Furthermore, we demonstrate that the DroidFusion method can also effectively enable the fusion of ensemble learning algorithms for improved accuracy. Finally, we show that the prediction accuracy of DroidFusion, despite only utilizing a computational approach in the higher level, can outperform Stacked Generalization, a well-known classifier fusion method that employs a meta-classifier approach in its higher level.

show abstract

Section: A Static Analysis With Traditional Classifiersmentioning

confidence: 99%

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Yerima

Sezer

2019

IEEE Trans. Cybern.

151

View full text Add to dashboard Cite

show abstract

“…Wang et al [26] applied SVM, decision trees and random forest to analyse the use of vulnerable permissions for malware detection. Varsha et al [27] extricate static features from the manifest and application executable documents; their location strategy gave SVM, rotation forest and random forest on three datasets. DAPASA [28] used sensitive sub-graphs to construct five features depicting invocation patterns, random forest machine learning algorithm achieved the best detection performance.…”

Section: Static Analysismentioning

confidence: 99%

Research on Data Mining of Permission-Induced Risk for Android IoT Devices

et al. 2019

View full text Add to dashboard Cite

With the growing era of the Internet of Things (IoT), more and more devices are connecting with the Internet using android applications to provide various services. The IoT devices are used for sensing, controlling and monitoring of different processes. Most of IoT devices use Android applications for communication and data exchange. Therefore, a secure Android permission privileged mechanism is required to increase the security of apps. According to a recent study, a malicious Android application is developed almost every 10 s. To resist this serious malware campaign, we need effective malware detection approaches to identify malware applications effectively and efficiently. Most of the studies focused on detecting malware based on static and dynamic analysis of the applications. However, to analyse the risky permission at runtime is a challenging task. In this study, first, we proposed a novel approach to distinguish between malware and benign applications based on permission ranking, similarity-based permission feature selection, and association rule for permission mining. Secondly, the proposed methodology also includes the enhancement of the random forest algorithm to improve the accuracy for malware detection. The experimental outcomes demonstrate high proficiency of the accuracy for malware detection, which is pivotal for android apps aiming for secure data exchange between IoT devices.

show abstract

“…Some recent works have applied static opcode features to the problem of Android malware detection (Jerome et al, 2014;Kang et al, 2013;Canfora et al, 2015a;Canfora et al, 2015b;Varsha et al, 2016;Puerta et al, 2015;Canfora et al 2015c). Out of these, only Jerome et al, (2014) and Canfora et al, (2015a) have investigated n-gram extracted from the disassembled application bytecode as a means for Android malware detection.…”

Section: Introductionmentioning

confidence: 99%

N-gram Opcode Analysis for Android Malware Detection

Kang¹,

Yerima²,

Sezer³

et al. 2016

IJCSA

View full text Add to dashboard Cite

Android malware has been on the rise in recent years due to the increasing popularity of Android and the proliferation of third party application markets. Emerging Android malware families are increasingly adopting sophisticated detection avoidance techniques and this calls for more effective approaches for Android malware detection. Hence, in this paper we present and evaluate an n-gram opcode features based approach that utilizes machine learning to identify and categorize Android malware. This approach enables automated feature discovery without relying on prior expert or domain knowledge for predetermined features. Furthermore, by using a data segmentation technique for feature selection, our analysis is able to scale up to 10-gram opcodes. Our experiments on a dataset of 2520 samples showed achieved an f-measure of 98% using the n-gram opcode based approach. We also provide empirical findings that illustrate factors that have probable impact on the overall n-gram opcodes performance trends.

show abstract

Identification of malicious android app using manifest and opcode features

Cited by 42 publications

References 28 publications

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Research on Data Mining of Permission-Induced Risk for Android IoT Devices

N-gram Opcode Analysis for Android Malware Detection

Contact Info

Product

Resources

About