Abstract
This paper presents a static analysis malware detection system based on machine learning techniques. Features such as hardware components, requested permissions, application components, and filtered intents are extracted from various applications. Prominent features are selected, as part of dimensionality reduction, using the GSS coefficient and mutual information. The experiment was evaluated on 3000 malware samples from the Drebin dataset and on 1631 benign samples collected from Google Play Store. A high ROC curve value of 0.998 was obtained for the model developed using individual attributes, with an overall scanning time of 1.49 s. However, when the optimal features extracted from each category of attributes were aggregated, a remarkable improvement in F-measure, to 0.996, was noticed with a low FPR value of 0.003, indicating that the approach can be used to support commercial AV.
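As an added illustration (not code from the paper), the sketch below scores binary manifest features with the GSS coefficient and mutual information as they are commonly defined in the text-categorization literature, then keeps the top-k features. The sample apps, the helper names, and the choice to rank by absolute score are assumptions; the paper's exact formulation may differ.

```python
import math

SMS, NET = "android.permission.SEND_SMS", "android.permission.INTERNET"
BOOT, CAM = "android.intent.action.BOOT_COMPLETED", "android.hardware.camera"

# Constructed sample (not real data): (label, set of features found in the manifest).
APPS = [
    ("malware", {NET, SMS, BOOT}), ("malware", {NET, SMS, BOOT}),
    ("malware", {NET, SMS, BOOT, CAM}), ("malware", {NET, SMS}),
    ("benign", {NET, CAM}), ("benign", {NET, CAM, BOOT}),
    ("benign", {NET, CAM}), ("benign", {NET}),
]

def contingency(apps, feature, positive="malware"):
    """Joint probabilities P(t,c), P(t,~c), P(~t,c), P(~t,~c) for one feature t."""
    n = len(apps)
    tc = sum(1 for y, f in apps if feature in f and y == positive)
    tnc = sum(1 for y, f in apps if feature in f and y != positive)
    ntc = sum(1 for y, f in apps if feature not in f and y == positive)
    return tc / n, tnc / n, ntc / n, (n - tc - tnc - ntc) / n

def gss(apps, feature):
    """GSS(t,c) = P(t,c)P(~t,~c) - P(t,~c)P(~t,c); the sign shows which class t favours."""
    p_tc, p_tnc, p_ntc, p_ntnc = contingency(apps, feature)
    return p_tc * p_ntnc - p_tnc * p_ntc

def mutual_information(apps, feature):
    """Mutual information (bits) between feature presence and class label."""
    p_tc, p_tnc, p_ntc, p_ntnc = contingency(apps, feature)
    p_t, p_c = p_tc + p_tnc, p_tc + p_ntc
    cells = [(p_tc, p_t, p_c), (p_tnc, p_t, 1 - p_c),
             (p_ntc, 1 - p_t, p_c), (p_ntnc, 1 - p_t, 1 - p_c)]
    # Empty cells contribute nothing (limit of p*log p as p -> 0).
    return sum(p * math.log2(p / (a * b)) for p, a, b in cells if p > 0)

def select(apps, score, k):
    """Top-k features by |score|; ties are broken by feature name for determinism."""
    features = sorted(set().union(*(f for _, f in apps)))
    return sorted(features, key=lambda t: (-abs(score(apps, t)), t))[:k]

if __name__ == "__main__":
    for t in select(APPS, gss, 4):
        print(f"{t:45s} GSS={gss(APPS, t):+.3f} MI={mutual_information(APPS, t):.3f}")
```

A feature present in every app (here INTERNET) scores zero under both measures, which is why such selection shrinks the feature vector without losing discriminative power.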
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
John, M.M., Vinod, P. (2018). Statistical Approach Using Meta Features for Android Malware Detection System. In: Bokhari, M., Agrawal, N., Saini, D. (eds) Cyber Security. Advances in Intelligent Systems and Computing, vol 729. Springer, Singapore. https://doi.org/10.1007/978-981-10-8536-9_27
DOI: https://doi.org/10.1007/978-981-10-8536-9_27
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8535-2
Online ISBN: 978-981-10-8536-9
eBook Packages: Engineering, Engineering (R0)