Malware Detection: A Framework for Reverse Engineered Android Applications Through Machine Learning Algorithms

Urooj, Beenish; Shah, Munam Ali; Maple, Carsten; Abbasi, Muhammad Kamran; Riasat, Sidra

doi:10.1109/access.2022.3149053

Cited by 41 publications

(7 citation statements)

References 58 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Malware datasets used Rovelli et al [115] Genome, Contagio Arp et al [116] Genome,FakeInstaller, GoldDream 27 , GingerMaster 28 , DroidKungFu 29 Yerima et al [117] McAfee Kang et al [118] VirusShare, Contagio, Malware.lu Zhao et al [119] Drebin Qiao et al [120] Genome Chen et al [121] 360 APKs 30 , MobiSec Lab Website 31 , [217] Demertzis et al [122] Magnum-Research 32 Verma et al [123] Contagio, malware forums , security blogs, Genome Wang et al [124] VirusTotal Tang et al [125] Genome, Drebin Wang et al [126] Drebin, Genome Li et al [127] Drebin Bhattacharya et al [128] Contagio Xie et al [129] Genome, VirusShare, Drebin Xie et al [130] Genome, VirusShare, Drebin, antivirus companies Ren et al [131] Anzhi, AndroTotal, Drebin Tao et al [132] VirusShare, Contagio Namrud et al [133] AndroZoo Alswaina et al [134] -Qiu et al [135] -Zhu et al [136] ViruShare Feng et al [137] No Malware Aonzo et al [138] AndroZoo Urooj et al [139] MalDroid [225], DefenseDroid 33 and a small own generated dataset Wang et al [140] No malware Wang et al [141] FakeInst, Opfake, FakeInstaller, Droid-KungFu, GinMaster, Plankton Zhang et al [142] No malware Kesswani et al [143] No malware Ibrahim et al [144] CICMalDroid 2020 Arshad et al [145] Drebin Yuan et al [146] Genome, Contagio Zhou et al [147] Genome Cilleruelo et al [148] Malware selected on the basis of lifespan criteria from Google Play Store ...…”

Section: Related Workmentioning

confidence: 99%

A comprehensive review on permissions-based Android malware detection

Sharma,

Arora

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

The first Android-ready "G1" phone debuted in late October 2008. Since then, the growth of Android malware has been explosive analogous to the rise in the popularity of Android. The major positive aspect of Android has been its open-source nature, which empowers app developers to expand their work. But at the same time, authors with malicious intentions pose grave threats to users. In the presence of such threats, Android malware detection is the need of an hour. Consequently, researchers have proposed various techniques involving static, dynamic, and hybrid analysis to address such threats using numerous features in the last decade. But the feature that most researchers have extensively used to perform malware analysis and detection in Android security is Android permission. Hence, to provide a clarified overview of the latest and past work done in Android malware analysis and detection, we perform a comprehensive literature review using permissions as a central feature or in combination with other components by collecting and analyzing 200 studies from January 2009 to February 2023. We extracted information such as the choice opted by researchers between analysis or detection, techniques used to select or rank the permissions feature set, features used along with permissions, detection models employed, the malware datasets used by researchers, and lastly, the limitations and challenges in the field of Android malware detection to propose some future research directions. Additionally, based on the information extracted, we answer the six research questions designed considering the above factors.

show abstract

Section: Related Workmentioning

confidence: 99%

A comprehensive review on permissions-based Android malware detection

Sharma,

Arora

2024

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…This method combines features gained through static and dynamic methods. 8 The methodologies proposed in the referenced paper contribute to the enhancement of key factors, such as selected features for classification and the overall accuracy in predicting malware detection. Numerous research has integrated all of these elements in order to enhance the efficiency of the detection rate.…”

Section: Related Workmentioning

confidence: 99%

Assessing the efficacy of Machine learning classifier for Android malware detection

Misalkar,

Harshawardhanan

2024

JIST

View full text Add to dashboard Cite

The primary challenges faced by software security experts is the identification and detection of malware within Android applications, as dangerous software is increasingly being embedded in sophisticated manners in application software. The existing applications, as well, are expanding in size and becoming increasingly intricate in terms of their functionalities. The ongoing endeavor of extracting valuable and indicative functionality from applications is a perpetual undertaking. There has been a lack of comprehensive studies that examine the specific attributes designed for identifying malicious applications on the Android platform. This is despite the existence of several feature extraction methods employed in prior research endeavors. Here, a comprehensive and concise analysis is presented to comprehend the behavior of applications using various criteria to identify harmful applications. This study evaluates the efficacy of ten different machine learning classifiers by analyzing a dataset including 15,036 applications categorized as either harmful or benign. The evaluation of classifiers involved the utilization of many metrics like Accuracy, Area Under the Curve (AUC), False Positive Rate (FPR), and False Negative Rate (FNR) towards development of illustrative framework for the detection of Android malware applications.

show abstract

“…Melakukan reverse engineering pada aplikasi Android dan mengekstrak fitur serta melakukan analisis statis dari mereka tanpa harus menjalankannya (Singh, 2022). Metode ini melibatkan pemeriksaan isi dua file: AndroidManifest.xml dan classes.dex serta bekerja pada file dengan ekstensi.apk (Urooj et al, 2022).…”

Section: Pendahuluanunclassified

Implementasi Frida Framework untuk Manipulasi Alur Kerja pada Aplikasi Android

Ramadhan,

Fitriani,

Rosid

et al. 2024

pslse

View full text Add to dashboard Cite

Peningkatan keamanan pada perangkat Android telah menjadi tantangan bagi para peneliti keamanan. Bypass root adalah salah satu metode yang sering digunakan untuk menghindari deteksi oleh mekanisme keamanan. Dalam penelitian ini, menjelaskan penggunaan Frida, sebuah framework dynamic instrumentation, untuk melakukan bypass root pada perangkat Android. Dengan memanfaatkan kemampuan Frida untuk melakukan intersepsi dan modifikasi kode pada saat runtime, dapat mengubah perilaku aplikasi yang mencoba mendeteksi keberadaan root. Penulis melakukan serangkaian percobaan menggunakan Frida dan berhasil melewati mekanisme deteksi root yang umum digunakan. Hasil penelitian ini menunjukkan potensi Frida sebagai alat yang efektif dalam melakukan bypass root dan serangkaian pengujian keamanan pada perangkat Android. Penelitian ini memberikan pemahaman lebih lanjut tentang penggunaan Frida dalam konteks keamanan perangkat Android.

show abstract

Malware Detection: A Framework for Reverse Engineered Android Applications Through Machine Learning Algorithms

Cited by 41 publications

References 58 publications

A comprehensive review on permissions-based Android malware detection

A comprehensive review on permissions-based Android malware detection

Assessing the efficacy of Machine learning classifier for Android malware detection

Implementasi Frida Framework untuk Manipulasi Alur Kerja pada Aplikasi Android

Contact Info

Product

Resources

About