PERMISSION BASED ANDROID MALWARE DETECTION USING MACHINE LEARNING
Abstract
Due to the open architecture of the Android operating system, there has been a huge increase in mobile malware. With the growth in the amount, variants, diversity and sophistication of malware, conventional methods often fail to detect malicious applications. Signature-based technologies work efficiently for known malware but fail to detect unknown or new malware. In this paper, we apply an approach to detect unfamiliar Android malware using machine learning techniques. In our approach, we extract permission features (AOSP and third-party permissions) to obtain high accuracy. The selected features are then used, together with separate APKs (malware and benign files), in training and testing the classifiers. We evaluate our method on the AndroZoo dataset (15000 malware and 15000 benign APKs). We use Random Forest classifiers for classification of Android malware and achieve 91.1% accuracy with AOSP permissions and 72.3% accuracy with third-party permissions.
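The permission-feature extraction step described in the abstract can be sketched as follows. This is an added example, not the paper's code: it assumes the manifest has already been decoded from binary AXML to text XML, and it assumes AOSP permissions are those named `android.permission.*`, with everything else treated as third-party. The sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
AOSP_PREFIX = "android.permission."  # assumption: how AOSP permissions are told apart

def extract_permissions(manifest_xml):
    """Return (aosp, third_party) sets of permissions requested by one app."""
    # Manifests come from untrusted samples: refuse DTDs to avoid entity expansion.
    if "<!DOCTYPE" in manifest_xml or "<!ENTITY" in manifest_xml:
        raise ValueError("manifest contains a DTD; refusing to parse")
    root = ET.fromstring(manifest_xml)
    aosp, third_party = set(), set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = (node.get(ANDROID_NS + "name") or "").strip()
            if name:
                (aosp if name.startswith(AOSP_PREFIX) else third_party).add(name)
    return aosp, third_party

def build_matrix(permission_sets):
    """Binary feature matrix: one row per app, one column per permission seen."""
    vocab = sorted(set().union(*permission_sets)) if permission_sets else []
    rows = [[1 if p in s else 0 for p in vocab] for s in permission_sets]
    return vocab, rows

def feature_matrices(manifests):
    """Build the two separate feature sets (AOSP, third-party) for a corpus."""
    pairs = [extract_permissions(m) for m in manifests]
    return {"aosp": build_matrix([a for a, _ in pairs]),
            "third_party": build_matrix([t for _, t in pairs])}

# Constructed sample manifests (not taken from AndroZoo).
SAMPLE_A = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.a">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="com.android.vending.BILLING"/>
</manifest>"""
SAMPLE_B = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.b">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="com.example.b.permission.C2D_MESSAGE"/>
</manifest>"""

if __name__ == "__main__":
    for kind, (vocab, rows) in feature_matrices([SAMPLE_A, SAMPLE_B]).items():
        print(kind, vocab, rows)
```

Each matrix, paired with malware/benign labels, is the input a classifier such as a random forest would be trained and tested on.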