Static detection of Android malware by using permissions and API calls

Chan, Patrick P. K.; Song, Wen-Kai

doi:10.1109/icmlc.2014.7009096

Cited by 73 publications

(39 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [17], API classes were used with Random Forest, J48 and SVM classifiers. Wang et al [18] evaluated the usefulness of risky permissions for malware detection using SVM, Decision Trees and Random Forest.…”

Section: A Static Analysis With Traditional Classifiersmentioning

confidence: 99%

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Yerima

Sezer

2019

IEEE Trans. Cybern.

147

View full text Add to dashboard Cite

Abstract-Android malware has continued to grow in volume and complexity posing significant threats to the security of mobile devices and the services they enable. This has prompted increasing interest in employing machine learning to improve Android malware detection. In this paper we present a novel classifier fusion approach based on a multilevel architecture that enables effective combination of machine learning algorithms for improved accuracy. The framework (called DroidFusion), generates a model by training base classifiers at a lower level and then applies a set of ranking-based algorithms on their predictive accuracies at the higher level in order to derive a final classifier. The induced multilevel DroidFusion model can then be utilized as an improved accuracy predictor for Android malware detection. We present experimental results on four separate datasets to demonstrate the effectiveness of our proposed approach. Furthermore, we demonstrate that the DroidFusion method can also effectively enable the fusion of ensemble learning algorithms for improved accuracy. Finally, we show that the prediction accuracy of DroidFusion, despite only utilizing a computational approach in the higher level, can outperform Stacked Generalization, a well-known classifier fusion method that employs a meta-classifier approach in its higher level.

show abstract

Section: A Static Analysis With Traditional Classifiersmentioning

confidence: 99%

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Yerima

Sezer

2019

IEEE Trans. Cybern.

147

View full text Add to dashboard Cite

show abstract

“…Five machine learning classifiers were used in the dataset, which are Naïve Bayes (NB), K-Nearest Neighbors (KNN) Decision Tree (J48), Random Forest (RF) and Support Vector Machine (SVM) with SMO. These five classifiers were chosen due to their common use in other similar works [26,[37][38][39]. The experiment was conducted by using Waikato Environment for Knowledge Analysis (WEKA), which is a software tool that was widely employed for implementing the feature selection method and the classification algorithm [36].…”

Section: R 2 R 3 …R J } and If J Th Permission Exist (1) Otherwisementioning

confidence: 99%

Mobile Botnet Classification by using Hybrid Analysis

Yusof¹,

Saudi²,

Ridzuan³

2018

IJET

View full text Add to dashboard Cite

The popularity and adoption of Android smartphones has attracted malware authors to spread the malware to smartphone users. The malware on smartphone comes in various forms such as Trojans, viruses, worms and mobile botnet. However, mobile botnet or Android botnet are more dangerous since they pose serious threats by stealing user credential information, distributing spam and sending distributed denial of service (DDoS) attacks. Mobile botnet is defined as a collection of compromised mobile smartphones and controlled by a botmaster through a command and control (C&C) channel to serve a malicious purpose. Current research is still lacking in terms of their low detection rate due to their selected features. It is expected that a hybrid analysis could improve the detection rate. Therefore, machine learning methods and hybrid analysis which combines static and dynamic analyses were used to analyse and classify system calls, permission and API calls. The objective of this paper is to leverage machine learning techniques to classify the Android applications (apps) as botnet or benign. The experiment used malware dataset from the Drebin for the training and mobile applications from Google Play Store for testing. The results showed that Random Forest Algorithm achieved the highest accuracy rate of 97.9%. In future, more significant approach by using different feature selection such as intent, string and system component will be further explored for a better detection and accuracy rate.

show abstract

“…By recording system call patterns of malware and benign, a Boolean feature set can be created to build Android malware classification system [34], [43]- [47].…”

Section: System Callsmentioning

confidence: 99%

Features for Detecting Malware on Computing Environments

Kumar¹,

Kuppusamy²,

Aghila³

2016

IJEACS

View full text Add to dashboard Cite

Abstract-Malware is the main threat for all computing environments. It also acts as launching platform for many other cyber threats. Traditional malware detection system is not able to detect "modern", "unknown" and "zero-day" malware. Recent developments in computing hardware and machine learning techniques have emerged as alternative solution for malware detection. The efficiency of any machine learning algorithm depends on the features extracted from the dataset. Various types of features are extracted and being researched with machine learning approach to detect malware that are targeted towards computing environments. In this work we have organized and summarized different feature types used to detect malware. This work will direct future researchers and industry to make decision on feature type selection regarding chosen computing environment for building an accurate malware classifier.

show abstract

Static detection of Android malware by using permissions and API calls

Cited by 73 publications

References 10 publications

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

DroidFusion: A Novel Multilevel Classifier Fusion Approach for Android Malware Detection

Mobile Botnet Classification by using Hybrid Analysis

Features for Detecting Malware on Computing Environments

Contact Info

Product

Resources

About