Ultra-Lightweight Malware Detection of Android Using 2-Level Machine Learning

Li, Ma; Yang, Yuexiang; Wang, Xiaolei; He, Jie

doi:10.1109/icisce.2016.161

Cited by 3 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…After that, several machine learning techniques such as AdaBoost, Random Forest, SVM, K-NN, Logistic Regression, Naive Bayes, Decision Tree Classifiers and Deep Learning have been adopted to classify an Android application as malware or benign. In [111], an Android malware detection method that combines 2-level machine learning with static analysis techniques has been proposed to optimize malware detection. In the first level, the Support Vector Machine has been used, while three different algorithms have been adopted in the second level (i.e.…”

Section: Detection Phasementioning

confidence: 99%

“…This algorithm depends on calculating the entropy values of the features and selecting the highest gain features to be used in training the classification model. This algorithm is the most used algorithm in the studied works, such as in [48,95,111,113,114]. In [119], the features have been ranked using mutual information method to select the top 10, 15, 20 and 25 features.…”

Section: Feature Selection Phasementioning

confidence: 99%

See 1 more Smart Citation

The Android malware detection systems between hope and reality

2019

View full text Add to dashboard Cite

The widespread use of Android-based smartphones made it an important target for malicious applications' developers. So, a large number of frameworks have been proposed to tackle the huge number of daily published malwares. Despite there are many review papers that have been conducted in order to shed light on the works that achieved in Android malware analysing domain, the number of conducted review papers do not fit with the importance of this research field and with the volume of achieved works. Also, there is no comprehensive taxonomy for all research trends in the field of analysing malicious applications targeting the Android system. Furthermore, none of the existing review papers contains a schematic model that makes it easy for the reader to know the methods and methodologies used in a particular field of research without much effort. This paper aims at proposing a comprehensive taxonomy and suggesting a new schematic review approach. To this end, a review of a large number of works that achieved between 2009 and 2019 has been conducted. The achieved study includes more than 200 papers that have different goals such as apps' behaviour analysis, automatic user interface triggers or packer/unpacker frameworks development. Also, a comprehensive taxonomy has been proposed so that most of the previous works can be classified under it. To the best of our knowledge, the suggested taxonomy is the widest and the most comprehensive in terms of the covered research trends. Moreover, we have proposed a detailed schematic model (called Schematic Review Model) illustrates the process of detecting the malignant applications of an Android in the light of the studied works and the proposed taxonomy. To our knowledge, this is the first time that the Android malware detection methods have been explained in this way with this amount of detail. Furthermore, the studied researches have been analysed according to multiple criteria such as used analysing method, used features, used detection method, and used dataset. Also, the features used in the studied works were discussed in detail by dividing it into multiple classes. Moreover, the challenges facing Android's malware analysing methods were discussed in detail. Finally, it has been concluded that there are gaps between the size and the goal of the conducted works and the number of malicious apps published every day, so some future works areas have been proposed and discussed.

show abstract

Section: Detection Phasementioning

confidence: 99%

Section: Feature Selection Phasementioning

confidence: 99%

The Android malware detection systems between hope and reality

2019

View full text Add to dashboard Cite

show abstract

“…No total foram definidas 36 chamadas de API sensíveis e 60 permissões a partir da análise de 1954 aplicações que foram obtidas de [Lashkari et al 2018]. Algumas características selecionadas também foram utilizadas em outros trabalhos relacionados à detecção de malware em Android [Yuan et al 2016], [Feldman et al 2015], [Ma et al 2016].…”

Section: Extração De Característicasunclassified

Avaliação e Recomendação de Aplicativos para Dispositivos Móveis com Foco em Segurança e Privacidade

Rocha¹,

Souto²

2019

Anais Do XIX Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2019)

View full text Add to dashboard Cite

O crescimento no número de dispositivos móveis e a diversidade de interesse de desenvolvedores maliciosos. Como apps despertaram o consequência, usuários têm receio de instalar apps por causa dos riscos associados a segurança e privacidade. Atualmente, sistemas de recomendação vêm sendo utilizados para a escolha de apps. No entanto, a maioria das abordagens não avalia segurança e quando o faz leva em consideração apenas as permissões das apps. Nesse contexto, este trabalho apresenta um sistema que avalia as apps e sugere apenas aplicativos seguros para serem instalados, aumentando a confiabilidade das apps baixadas. Experimentos preliminares mostram resultados satisfatórios em comparação com trabalhos da literatura.

show abstract

“…Since applications added to Google Play Market in the benign dataset did not go through a detailed analysis process to determine whether the applications in the benign data set were safe or not, the safety was checked using the VirusTotal API [38]. VirusTotal was used in the studies of AndroDialysis [20], Kang et al [39], Ma et al [40] and ICCDetector [41], which are available in the literature to ensure the safety of the applications that are used in benign data sets. 158 applications were found to be malicious by at least one antivirus program, namely the VirusTotal scanning, to sustain safer applications in the data set.…”

Section: Web-based Android Malicious Software Detection and Classificmentioning

confidence: 99%

Web-Based Android Malicious Software Detection and Classification System

Doğru¹,

Kiraz²

2018

Applied Sciences

View full text Add to dashboard Cite

Android is the most used operating system (OS) by mobile devices. Since applications uploaded to Google Play and other stores are not analyzed comprehensively, it is not known whether the applications are malicious software or not. Therefore, there is an urgent need to analyze these applications regarding malicious software. Moreover, mobile devices have limited resources to analyze the applications. In this study, a malicious detection system named “Web-Based Android Malicious Software Detection and Classification System” was developed. The system is based on client-server architecture, static analysis and web-scraping methods. The proposed system overcomes the resource restriction issue, as well as providing third-party service support by means of client-server architecture. Based on the performance evaluation conducted in this research, the developed system’s success rate is 97.62% on benign and malicious datasets.

show abstract

Ultra-Lightweight Malware Detection of Android Using 2-Level Machine Learning

Cited by 3 publications

References 16 publications

The Android malware detection systems between hope and reality

The Android malware detection systems between hope and reality

Avaliação e Recomendação de Aplicativos para Dispositivos Móveis com Foco em Segurança e Privacidade

Web-Based Android Malicious Software Detection and Classification System

Contact Info

Product

Resources

About