A new mobile botnet classification based on permission and API calls

Yusof, Muhammad; Saudi, Madihah Mohd; Ridzuan, Farida

doi:10.1109/est.2017.8090410

Cited by 25 publications

(19 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The combination feature sets system calls with permissions and system calls with API calls just produced the accuracy rate of 93.5% and 93.8%, respectively. The results of TPR and FPR were slightly similar to previous study [29]. However, the results of the proposed feature set, which included the feature set from system calls, permissions and API calls are shown in Table 5.…”

Section: Resultssupporting

confidence: 80%

“…This research proposed a hybrid analysis for mobile botnet classification. The paper is an extension of the research that used feature set permissions and API calls [29]. 1,527 botnets samples from 14 botnets families from Drebin [28] dataset were used to collect all information for botnets features.…”

Section: Methodsmentioning

confidence: 99%

“…Drebin dataset [28] which consists of 5,560 malware from 179 different families, were used for training. Drebin dataset is currently one of the largest freely available dataset on the Internet which are used in mobile malware research [29][30][31][32]. Meanwhile, for testing, 800 apps datasets of random categories were downloaded from Google Play Store and were tested with Virustotal [33] to ensure the apps were free from malicious.…”

Section: Datasetmentioning

confidence: 99%

See 2 more Smart Citations

Mobile Botnet Classification by using Hybrid Analysis

Yusof¹,

Saudi²,

Ridzuan³

2018

IJET

Self Cite

View full text Add to dashboard Cite

The popularity and adoption of Android smartphones has attracted malware authors to spread the malware to smartphone users. The malware on smartphone comes in various forms such as Trojans, viruses, worms and mobile botnet. However, mobile botnet or Android botnet are more dangerous since they pose serious threats by stealing user credential information, distributing spam and sending distributed denial of service (DDoS) attacks. Mobile botnet is defined as a collection of compromised mobile smartphones and controlled by a botmaster through a command and control (C&C) channel to serve a malicious purpose. Current research is still lacking in terms of their low detection rate due to their selected features. It is expected that a hybrid analysis could improve the detection rate. Therefore, machine learning methods and hybrid analysis which combines static and dynamic analyses were used to analyse and classify system calls, permission and API calls. The objective of this paper is to leverage machine learning techniques to classify the Android applications (apps) as botnet or benign. The experiment used malware dataset from the Drebin for the training and mobile applications from Google Play Store for testing. The results showed that Random Forest Algorithm achieved the highest accuracy rate of 97.9%. In future, more significant approach by using different feature selection such as intent, string and system component will be further explored for a better detection and accuracy rate.

show abstract

Section: Resultssupporting

confidence: 80%

Section: Methodsmentioning

confidence: 99%

Section: Datasetmentioning

confidence: 99%

See 1 more Smart Citation

Mobile Botnet Classification by using Hybrid Analysis

Yusof¹,

Saudi²,

Ridzuan³

2018

IJET

Self Cite

View full text Add to dashboard Cite

show abstract

“…Yusof et al [24] proposed a mobile botnet classification based on permissions and API calls. During the training phase, 5,560 malware from 179 different mobile malware families were collected.…”

Section: Anomaly-based Detectionmentioning

confidence: 99%

A Survey on Mobile Malware Detection Techniques

Kouliaridis

Barmpatsalou

Kambourakis

et al. 2020

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Modern mobile devices are equipped with a variety of tools and services, and handle increasing amounts of sensitive information. In the same trend, the number of vulnerabilities exploiting mobile devices are also augmented on a daily basis and, undoubtedly, popular mobile platforms, such as Android and iOS, represent an alluring target for malware writers. While researchers strive to find alternative detection approaches to fight against mobile malware, recent reports exhibit an alarming increase in mobile malware exploiting victims to create revenues, climbing towards a billion-dollar industry. Current approaches to mobile malware analysis and detection cannot always keep up with future malware sophistication [2], [4]. The aim of this work is to provide a structured and comprehensive overview of the latest research on mobile malware detection techniques and pinpoint their benefits and limitations.

show abstract

“…However, in our proposed hybrid framework, we achieved 96.56% accuracy from static analysis with state-of-the-art mobile botnet samples. Correspondingly, Yusof et al [22] presented an inventive mobile botnet detection approach based on the static analysis by using permissions and API calls parameters. Most essential and conspicuous 31 API calls and 16 permissions extracted in the perception of mobile botnet authors used.…”

Section: Related Workmentioning

confidence: 99%

Hybrid Machine Learning Techniques Applied in Real Engineering Applications

Qamar¹,

Karim²,

Shamshirband³

2019

Preprint

View full text Add to dashboard Cite

Smartphone devices, particularly android devices used by billions of people everywhere in the world. Similarly, this increasing rate attracts mobile botnet attackers that is a network of interconnected nodes operated by command and control (C&C) method to expand malicious activities. At present, mobile botnet attacks carried Distributed denial of services (DDoS) that causes to steal sensitive data, remote access, spam generation, etc. Consequently, various approaches are defined in the literature to detect mobile botnet using static or dynamic analysis. In this paper, we have proposed a novel hybrid model, which is a combination of static and dynamic method that relies on machine learning to identify android botnet applications having C&C capability. The results evaluated through machine learning classifiers in which Random forest classifier outperform other ML techniques, i.e. Naïve Bayes, Support Vector Machine, and Simple logistics. Our proposed framework can achieve 97.48% accuracy in detecting such harmful applications. Furthermore, we highlight some research directions and possible solutions regarding botnet attacks for the entire community.

show abstract

A new mobile botnet classification based on permission and API calls

Cited by 25 publications

References 24 publications

Mobile Botnet Classification by using Hybrid Analysis

Mobile Botnet Classification by using Hybrid Analysis

A Survey on Mobile Malware Detection Techniques

Hybrid Machine Learning Techniques Applied in Real Engineering Applications

Contact Info

Product

Resources

About