PerbDroid: Effective Malware Detection Model Developed Using Machine Learning Classification Techniques

A Journey Towards Bio-inspired Techniques in Software Engineering

Part of the book series: Intelligent Systems Reference Library (ISRL, volume 185)

Abstract

This chapter introduces PerbDroid, a framework to detect malware on Android smartphones. To address the problem of detecting malware across a broad set of apps, researchers have recently started to identify the features that help to detect malware in apps. The proposed framework is based on feature selection techniques, which help us to develop a useful model for malware detection. We collected a data set of 2,00,000 Android apps from distinct sources and extracted permissions and API calls from them (considered as features in this study). Features are then selected using six different feature ranking approaches (i.e., Gain Ratio, OneR feature evaluation, Chi-squared test, Information gain feature evaluation, Principal Component Analysis (PCA) and Logistic regression analysis) to develop the model for malware detection. We evaluated several machine learning algorithms and feature selection methods to identify the combination that gives the best performance in detecting malware in real-world apps. Empirical outcomes show that the proposed framework is useful for detecting malware on smartphones, and on Android in particular.



Corresponding author

Correspondence to Arvind Mahindru.

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Mahindru, A., Sangal, A.L. (2020). PerbDroid: Effective Malware Detection Model Developed Using Machine Learning Classification Techniques. In: Singh, J., Bilgaiyan, S., Mishra, B., Dehuri, S. (eds) A Journey Towards Bio-inspired Techniques in Software Engineering. Intelligent Systems Reference Library, vol 185. Springer, Cham. https://doi.org/10.1007/978-3-030-40928-9_7
