MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Meng, Xiangda; Spanoudakis, George

doi:10.1007/978-3-319-31811-0_17

Cited by 8 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This study led to a conclusion that 90% of the malware samples in the dataset were botnets. In [9], network features were used with machine learning to enable detection of mobile botnets. The features used include TCP/UDP packet size, frame duration, and source/destination IP address.…”

Section: Related Workmentioning

confidence: 99%

A deep learning-enhanced botnet detection system based on Android manifest text mining

Yerima

2022

2022 10th International Symposium on Digital Forensics and Security (ISDFS)

View full text Add to dashboard Cite

Android botnets remain a significant threat to mobile and IoT systems and networks as they continue to infect millions of devices worldwide. Therefore, there is a need to develop more effective solutions to tackle their spread. Hence, in this paper we propose a system for detecting Android botnets through automated text mining of the manifest files obtained from apps. The proposed method utilizes NLP techniques to extract features from the manifest files and a deep learning-based classification model is used to detect botnet applications. The classification model is implemented using CNN and a traditional machine learning classifier such as SVM, Random Forest or KNN. We performed experiments to evaluate the proposed system with 3858 Android applications consisting of 1929 botnet and 1929 benign samples. The results showed the best overall performance with the CNN-SVM hybrid model which had an average accuracy of 96.9% thus outperforming the singular machine learning classifiers.

show abstract

Section: Related Workmentioning

confidence: 99%

A deep learning-enhanced botnet detection system based on Android manifest text mining

Yerima

2022

2022 10th International Symposium on Digital Forensics and Security (ISDFS)

View full text Add to dashboard Cite

show abstract

“…Pushing the limitations of signature-based methods, a number of authors [13][14][15][16][17] used anomaly-based methods to detect Android Botnets. Jadhav et al [13] proposed a multilayer approach to classify the families of Android Botnets using features such as system calls, network traffic, and application level function call data.…”

Section: Related Workmentioning

confidence: 99%

“…However, their system requires a JAVA application to be installed on the user's mobile device. MBotCS proposed by Meng et al [14] detects mobile Botnets using network features such as TCP/UDP packet size, frame duration, and source/destination IP address. The authors used a set of ML box algorithms and five different ML classifiers to classify the collected network traffic in real-time.…”

Section: Related Workmentioning

confidence: 99%

Android Botnet Detection using Convolutional Neural Networks

Hojjatinia

Hamzenejadi

Mohseni

2020

2020 28th Iranian Conference on Electrical Engineering (ICEE)

View full text Add to dashboard Cite

Today, Android devices are able to provide various services. They support applications for different purposes such as entertainment, business, health, education, and banking services. Because of the functionality and popularity of Android devices as well as the open-source policy of Android OS, they have become a suitable target for attackers. Android Botnet is one of the most dangerous malwares because an attacker called Botmaster can control that remotely to perform destructive attacks. A number of researchers have used different well-known Machine Learning (ML) methods to recognize Android Botnets from benign applications. However, these conventional methods are not able to detect new sophisticated Android Botnets. In this paper, we propose a novel method based on Android permissions and Convolutional Neural Networks (CNNs) to classify Botnets and benign Android applications.Being the first developed method that uses CNNs for this aim, we also proposed a novel method to represent each application as an image which is constructed based on the co-occurrence of used permissions in that application. The proposed CNN is a binary classifier that is trained using these images. Evaluating the proposed method on 5450 Android applications consist of Botnet and benign samples, the obtained results show the accuracy of 97.2% and recall of 96% which is a promising result just using Android permissions.

show abstract

“…Paper [16] proposed an approach to detect mobile botnets using network features such as TCP/UDP packet size, frame duration, and source/destination IP address. The authors used a set of ML box algorithms and five machine learning classifiers to classify network traffic.…”

Section: Related Workmentioning

confidence: 99%

Mobile Botnet Detection: A Deep Learning Approach Using Convolutional Neural Networks

Yerima

Alzaylaee

2020

2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)

View full text Add to dashboard Cite

Android, being the most widespread mobile operating systems is increasingly becoming a target for malware. Malicious apps designed to turn mobile devices into bots that may form part of a larger botnet have become quite common, thus posing a serious threat. This calls for more effective methods to detect botnets on the Android platform. Hence, in this paper, we present a deep learning approach for Android botnet detection based on Convolutional Neural Networks (CNN). Our proposed botnet detection system is implemented as a CNN-based model that is trained on 342 static app features to distinguish between botnet apps and normal apps. The trained botnet detection model was evaluated on a set of 6,802 real applications containing 1,929 botnets from the publicly available ISCX botnet dataset. The results show that our CNN-based approach had the highest overall prediction accuracy compared to other popular machine learning classifiers. Furthermore, the performance results observed from our model were better than those reported in previous studies on machine learning based Android botnet detection.

show abstract

MBotCS: A Mobile Botnet Detection System Based on Machine Learning

Cited by 8 publications

References 18 publications

A deep learning-enhanced botnet detection system based on Android manifest text mining

A deep learning-enhanced botnet detection system based on Android manifest text mining

Android Botnet Detection using Convolutional Neural Networks

Mobile Botnet Detection: A Deep Learning Approach Using Convolutional Neural Networks

Contact Info

Product

Resources

About