Two Anatomists Are Better than One—Dual-Level Android Malware Detection

Kouliaridis, Vasileios; Kambourakis, Georgios; Geneiatakis, Dimitris; Potha, Nektaria

doi:10.3390/sym12071128

Cited by 35 publications

(25 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…where ( ) and | refer to the prior probability of , and the posterior probability of given feature respectively. Equations (11) and (12) give the entropy of L before and after observing F. The features are ranked in ascending order of their ( ) and the top features that meet the selection criterion are identified for further use. Normally, the features with a high ( ) value are taken to be relevant features, whereas those that do have a lower ( )value are considered not useful feature.…”

Section: Information Gainmentioning

confidence: 99%

“…These feature extraction methods normally generate very large high-dimensional, redundant and noisy features [ 10 , 11 ]. Some of the raw features offer little or no information that is useful to distinguish malware apps from benign apps and may even impact the performance of the malware detection methods [ 10 , 12 , 13 , 14 ]. As a result, automatic feature subset selection has become a key aspect of machine learning [ 15 ].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Feature Subset Selection for Malware Detection in Smart IoT Platforms

Abawajy

Darem

Alhashmi

2021

Sensors

View full text Add to dashboard Cite

Malicious software (“malware”) has become one of the serious cybersecurity issues in Android ecosystem. Given the fast evolution of Android malware releases, it is practically not feasible to manually detect malware apps in the Android ecosystem. As a result, machine learning has become a fledgling approach for malware detection. Since machine learning performance is largely influenced by the availability of high quality and relevant features, feature selection approaches play key role in machine learning based detection of malware. In this paper, we formulate the feature selection problem as a quadratic programming problem and analyse how commonly used filter-based feature selection methods work with emphases on Android malware detection. We compare and contrast several feature selection methods along several factors including the composition of relevant features selected. We empirically evaluate the predictive accuracy of the feature subset selection algorithms and compare their predictive accuracy and the execution time using several learning algorithms. The results of the experiments confirm that feature selection is necessary for improving accuracy of the learning models as well decreasing the run time. The results also show that the performance of the feature selection algorithms vary from one learning algorithm to another and no one feature selection approach performs better than the other approaches all the time.

show abstract

Section: Information Gainmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Feature Subset Selection for Malware Detection in Smart IoT Platforms

Abawajy

Darem

Alhashmi

2021

Sensors

View full text Add to dashboard Cite

show abstract

“…When feeding additional features extracted through dynamic analysis to malware detection models, they can typically cope significantly better with the newest and more challenging pieces of malware [4]. However, hybrid analysis systems are inherently more complex, due to the several extra components mandated by dynamic analysis, such as a virtual or real platform, and a user event and input emulator to exercise the app.…”

Section: Analysis Type Feature Extraction Methods Features Extractedmentioning

confidence: 99%

A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

Kouliaridis

Kambourakis

2021

Information

Self Cite

View full text Add to dashboard Cite

Year after year, mobile malware attacks grow in both sophistication and diffusion. As the open source Android platform continues to dominate the market, malware writers consider it as their preferred target. Almost strictly, state-of-the-art mobile malware detection solutions in the literature capitalize on machine learning to detect pieces of malware. Nevertheless, our findings clearly indicate that the majority of existing works utilize different metrics and models and employ diverse datasets and classification features stemming from disparate analysis techniques, i.e., static, dynamic, or hybrid. This complicates the cross-comparison of the various proposed detection schemes and may also raise doubts about the derived results. To address this problem, spanning a period of the last seven years, this work attempts to schematize the so far ML-powered malware detection approaches and techniques by organizing them under four axes, namely, the age of the selected dataset, the analysis type used, the employed ML techniques, and the chosen performance metrics. Moreover, based on these axes, we introduce a converging scheme which can guide future Android malware detection techniques and provide a solid baseline to machine learning practices in this field.

show abstract

“…Static analysis employed three different tools. Two of them, namely Androtomist [20] and MobSF [21] are open-source, while the other, namely Ostorlab [22], utilised only for outdated software component analysis and taint analysis, is a software-as-a-service (SaaS) product. Details on these tools are given in the respective sections.…”

Section: Methodsmentioning

confidence: 99%

“…Additionally, the lookup for potentially privacy-invasive API calls in the app's code can on the one hand provide supplementary information about higher-risk actions the app may perform, and on the other, reveal whether the identified calls coincide with the requested permissions. For this purpose, as already pointed out, the Androtomist tool [20] has been employed. Specifically, for the needs of this study, the tool collected the permissions from the app's manifest file and the API calls from the smali files.…”

Section: High-level Static Analysismentioning

confidence: 99%

A Multi-Tier Security Analysis of Official Car Management Apps for Android

2021

Self Cite

View full text Add to dashboard Cite

Using automotive smartphone applications (apps) provided by car manufacturers may offer numerous advantages to the vehicle owner, including improved safety, fuel efficiency, anytime monitoring of vehicle data, and timely over-the-air delivery of software updates. On the other hand, the continuous tracking of the vehicle data by such apps may also pose a risk to the car owner, if, say, sensitive pieces of information are leaked to third parties or the app is vulnerable to attacks. This work contributes the first to our knowledge full-fledged security assessment of all the official single-vehicle management apps offered by major car manufacturers who operate in Europe. The apps are scrutinised statically with the purpose of not only identifying surfeits, say, in terms of the permissions requested, but also from a vulnerability assessment viewpoint. On top of that, we run each app to identify possible weak security practices in the owner-to-app registration process. The results reveal a multitude of issues, ranging from an over-claim of sensitive permissions and the use of possibly privacy-invasive API calls, to numerous potentially exploitable CWE and CVE-identified weaknesses and vulnerabilities, the, in some cases, excessive employment of third-party trackers, and a number of other flaws related to the use of third-party software libraries, unsanitised input, and weak user password policies, to mention just a few.

show abstract

Two Anatomists Are Better than One—Dual-Level Android Malware Detection

Cited by 35 publications

References 26 publications

Feature Subset Selection for Malware Detection in Smart IoT Platforms

Feature Subset Selection for Malware Detection in Smart IoT Platforms

A Comprehensive Survey on Machine Learning Techniques for Android Malware Detection

A Multi-Tier Security Analysis of Official Car Management Apps for Android

Contact Info

Product

Resources

About