HEMD: a highly efficient random forest-based malware detection framework for Android

Zhu, Huijuan; Jiang, Tongwen; Ma, Binghe; You, Zhu-Hong; Shi, Wei-Lei; Li, Cheng

doi:10.1007/s00521-017-2914-y

Cited by 58 publications

(32 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…3.3, with the analysis of the predictive performance. Specifically, the selected feature subsets have been used to train both support vector machines (SVM) and random forest (RF) classifiers, which have proved to be ''best of class'' learners in several domains [66][67][68][69]. In particular, for the SVM classifier we use a linear kernel, while the RF classifier is parameterized based on common practice in the literature [70,71] (log 2 (th) ?…”

Section: Predictive Performance Analysismentioning

confidence: 99%

Ensemble feature selection for high-dimensional data: a stability analysis across multiple domains

Pes

2019

Neural Comput & Applic

158

121

View full text Add to dashboard Cite

Selecting a subset of relevant features is crucial to the analysis of high-dimensional datasets coming from a number of application domains, such as biomedical data, document and image analysis. Since no single selection algorithm seems to be capable of ensuring optimal results in terms of both predictive performance and stability (i.e. robustness to changes in the input data), researchers have increasingly explored the effectiveness of ''ensemble'' approaches involving the combination of different selectors. While interesting proposals have been reported in the literature, most of them have been so far evaluated in a limited number of settings (e.g. with data from a single domain and in conjunction with specific selection approaches), leaving unanswered important questions about the large-scale applicability and utility of ensemble feature selection. To give a contribution to the field, this work presents an empirical study which encompasses different kinds of selection algorithms (filters and embedded methods, univariate and multivariate techniques) and different application domains. Specifically, we consider 18 classification tasks with heterogeneous characteristics (in terms of number of classes and instances-to-features ratio) and experimentally evaluate, for feature subsets of different cardinalities, the extent to which an ensemble approach turns out to be more robust than a single selector, thus providing useful insight for both researchers and practitioners.

show abstract

Section: Predictive Performance Analysismentioning

confidence: 99%

Ensemble feature selection for high-dimensional data: a stability analysis across multiple domains

Pes

2019

Neural Comput & Applic

158

121

View full text Add to dashboard Cite

show abstract

“…If the expressions and constraints of an application are in this rule library, this application will be considered as a malicious application. For example, to reduce the high false- [15], [16], [27], [28], [29], [30], [31], [32], [33], [34], [35], [36], [37], [39], [40], [41], [42], [43], [44], [45], [46], [47], [48], [49], [50], [51], [52], [53], [54], [55], [56], [57], [58], [59], [60], [61], [62], [63], [64], [94], [95], [98], [99], [100], [101], [102], [105], [109], [111],…”

Section: ) Publication Sourcementioning

confidence: 99%

A Systematic Literature Review of Android Malware Detection Using Static Analysis

et al. 2020

View full text Add to dashboard Cite

Android malware has been in an increasing trend in recent years due to the pervasiveness of Android operating system. Android malware is installed and run on the smartphones without explicitly prompting the users or without the user's permission, and it poses great threats to users such as the leakage of personal information and advanced fraud. To address these threats, various techniques are proposed by researchers and practitioners. Static analysis is one of these techniques, which is widely applied to Android malware detection and can detect malware quickly and prohibit malware before installation. To provide a clarified overview of the latest work in Android malware detection using static analysis, we perform a systematic literature review by identifying 98 studies from January 2014 to March 2020. Based on the features of applications, we first divide static analysis in Android malware detection into four categories, which include Android characteristic-based method, opcode-based method, program graph-based method, and symbolic execution-based method. Then we assess the malware detection capability of static analysis, and we compare the performance of different models in Android malware detection by analyzing the results of empirical evidence. Finally, it is concluded that static analysis is effective to detect Android malware. Moreover, there is a preliminary result that neural network model outperforms the non-neural network model in Android malware detection. However, static analysis still faces many challenges. Thus, it is necessary to derive some novel techniques for improving Android malware detection based on the current research community. Moreover, it is essential to establish a unified platform that is used to evaluate the performance of a series of techniques in Android malware detection fairly. INDEX TERMS Android malware detection, static analysis, systematic literature review.

show abstract

“…In [40], the authors presented the ‗AdDroid model' that detects malicious activities on a device by analyzing Android actions such as uploading of a file to a server, internet connections, installing packages on the device, etc. In [41], Android malware was detected by observing run-time-related events along with sensitive APIs and permissions by Zhu et al Apart from this, the authors in [42] and [43] proposed two absolutely different hybrid detection techniques by merging and combining the permissions with network traffic features. On similar lines, the authors in [44], [45], and [46] worked on malware detection by analyzing the combination of static and dynamic features.…”

Section: Hybrid Detectionmentioning

confidence: 99%

Blockchain Based Detection of Android Malware using Ranked Permissions

Gupta

Sethi

Chaudhary

et al. 2021

IJEAT

View full text Add to dashboard Cite

Android mobile devices are a prime target for a huge number of cyber-criminals as they aim to create malware for disrupting and damaging the servers, clients, or networks. Android malware are in the form of malicious apps, that get downloaded on mobile devices via the Play Store or third-party app markets. Such malicious apps pose serious threats like system damage, information leakage, financial loss to user, etc. Thus, predicting which apps contain malicious behavior will help in preventing malware attacks on mobile devices. Identifying Android malware has become a major challenge because of the ever-increasing number of permissions that applications ask for, to enhance the experience of the users. And most of the times, permissions and other features defined in normal and malicious apps are generally the same. In this paper, we aim to detect Android malware using machine learning, deep learning, and natural language processing techniques. To delve into the problem, we use the Android manifest files which provide us with features like permissions which become the basis for detecting Android malware. We have used the concept of information value for ranking permissions. Further, we have proposed a consensus-based blockchain framework for making more concrete predictions as blockchain have high reliability and low cost. The experimental results demonstrate that the proposed model gives the detection accuracy of 95.44% with the Random Forest classifier. This accuracy is achieved with top 45 permissions ranked according to Information Value.

show abstract

HEMD: a highly efficient random forest-based malware detection framework for Android

Cited by 58 publications

References 34 publications

Ensemble feature selection for high-dimensional data: a stability analysis across multiple domains

Ensemble feature selection for high-dimensional data: a stability analysis across multiple domains

A Systematic Literature Review of Android Malware Detection Using Static Analysis

Blockchain Based Detection of Android Malware using Ranked Permissions

Contact Info

Product

Resources

About