Abstract
Android’s openness and flexibility attract many cybercriminals to monitor user behavior or steal their personal information. To address these issues, different machine learning (ML) algorithms and models are proposed for classifying Android benign or malicious applications. Algorithms such as Random Forest (RF), SVM, and Naive Bayes (NB) can classify with high accuracy. Each model are trained on the specific data set with specific algorithms. And they play with different performance in different scenarios. Besides, if one training data set is polluted by attackers, it would be cause a high false alarm on benign apps or miss some malicious apps. In order to enhance the generality of classifications and improve the resistance on attacks to trained model, we propose a Weighted Voting Framework (WVF) for Android app’s vetting based on multiple machine learning models. Instead of classifying based on a single ML model, WVF makes the final decision through a weighted voting mechanism conducted on multiple ML models. The experimental results show that the performance of the model is improved compared to the single model before the combination.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Report on Mobile Phone Security in China in the First Quarter of 2020. http://news.yesky.com/331/707089831.shtml
Avdiienko, V., et al.: Mining apps for abnormal usage of sensitive data. In: 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, Florence, pp. 426–436 (2015). https://doi.org/10.1109/ICSE.2015.61
Enck, W., Ongtang, M., McDaniel, P.: On lightweight mobile phone application certification. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009), pp. 235–245. Association for Computing Machinery, New York (2009). https://doi.org/10.1145/1653662.1653691
Glodek, W., Harang, R.: Rapid permissions-based detection and analysis of mobile malware using random decision forests. In: MILCOM 2013 - 2013 IEEE Military Communications Conference, San Diego, CA, pp. 980–985 (2013). https://doi.org/10.1109/MILCOM.2013.170
Idrees, F., Rajarajan, M.: Investigating the android intents and permissions for malware detection. In: 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Larnaca, pp. 354–358 (2014). https://doi.org/10.1109/WiMOB.2014.6962194
Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.E.R.T.: Drebin: effective and explainable detection of android malware in your pocket. In: NDSS, vol. 14, pp. 23–26, February 2014
Santos, I., Brezo, F., Ugarte-Pedrero, X., Bringas, P.G.: Opcode sequences as representation of executables for data-mining-based unknown malware detection. Inf. Sci. 231, 64–82 (2013). https://doi.org/10.1016/j.ins.2011.08.020
Tam, K., Khan, S.J., Fattori, A., Cavallaro, L.: Copperdroid: automatic reconstruction of android malware behaviors. In: NDSS, February 2015
Burguera, I., Zurutuza, U., Nadjm-Tehrani, S.: Crowdroid: behavior-based malware detection system for android. In: Proceedings of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices, pp. 15–26. ACM (2011). https://doi.org/10.1145/2046614.2046619
Chen, S., et al.: Automated poisoning attacks and defenses in malware detection systems: an adversarial machine learning approach. Comput. Secur. 73, 326–344 (2018)
Richter, A.N., Khoshgoftaar, T.M.: A review of statistical and machine learning methods for modeling cancer risk using structured clinical data. Artif. Intell. Med. 90, 1–14 (2018)
Hsieh, W.W.: Machine Learning Methods in the Environmental Sciences: Neural Networks and Kernels, chap. 7, pp. 157–169. Cambridge University Press, Cambridge (2009)
Alam, M.S., Vuong, S.T.: Random forest classification for detecting android malware. In: Green Computing and Communications, pp. 663–669 (2013)
Haykin, S.: Neural Networks and Learning Machines, 3rd edn. Prentice Hall, New Jersey (2008)
Zhang, H.: The optimality of Native Bayes. In: Proceedings of the Seventeenth International Florida Artificial Intelligence Research Society Conference (2004)
Arzt, S., et al.: FlowDroid: precise context, flow, field, object-sensitive and lifecycle-aware taint analysis for Android apps. SIGPLAN Not. 49(6), 259–269 (2014). https://doi.org/10.1145/2666356.2594299
Rasthofer, S., Arzt, S., Bodden, E.: A machine-learning approach for classifying and categorizing android sources and sinks. In: NDSS, vol. 14 (2014)
Lashkari, A.H., Kadir, A.F.A., Taheri, L., Ghorbani, A.A.: Toward developing a systematic approach to generate benchmark android malware datasets and classification. In: The Proceedings of the 52nd IEEE International Carnahan Conference on Security Technology (ICCST), Montreal, Quebec, Canada (2018)
Carlini, N., Wagner, D.: Towards evaluating the robustness of neural networks. In: Proceedings of IEEE Symposium on Security and Privacy (SP), pp. 39–57, May 2017
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Hui, H., Zhi, Y., Xi, N., Liu, Y. (2020). A Weighted Voting Framework for Android App’s Vetting Based on Multiple Machine Learning Models. In: Kutyłowski, M., Zhang, J., Chen, C. (eds) Network and System Security. NSS 2020. Lecture Notes in Computer Science(), vol 12570. Springer, Cham. https://doi.org/10.1007/978-3-030-65745-1_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-65745-1_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-65744-4
Online ISBN: 978-3-030-65745-1
eBook Packages: Computer ScienceComputer Science (R0)