Hybrid machine learning model for malware analysis in android apps

IF 3 3区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Saba Bashir , Farwa Maqbool , Farhan Hassan Khan , Asif Sohail Abid
{"title":"Hybrid machine learning model for malware analysis in android apps","authors":"Saba Bashir ,&nbsp;Farwa Maqbool ,&nbsp;Farhan Hassan Khan ,&nbsp;Asif Sohail Abid","doi":"10.1016/j.pmcj.2023.101859","DOIUrl":null,"url":null,"abstract":"<div><p><span>Android<span><span> smartphones have been widely adopted across the globe. They have the capability to access private and confidential information resulting in these devices being targeted by malware devisers. The dramatic escalation of assaults build an awareness to create a robust system that detects the occurrence of malicious actions in </span>Android applications. The malware exposure study consists of static and dynamic analysis. This research work proposed a hybrid </span></span>machine learning<span><span><span> model based on static and dynamic analysis which offers efficient classification and detection of Android malware. The proposed novel malware classification technique can process any android application, then extracts its features, and predicts whether the applications under process is malware or benign. The proposed malware detection model can characterizes diverse malware types from Android platform with high positive rate. The proposed approach detects </span>malicious applications<span><span> in reduced execution time while also improving the security of Android as compared to existing approaches. State-of-the-art machine learning algorithms such as </span>Support Vector Machine, k-Nearest Neighbor, Naïve Bayes, and different ensembles are employed on benign and malign applications to assess the execution of all classifiers on permissions, API calls and intents to identify malware. The proposed technique is evaluated on Drebin, MalGenome and Kaggle dataset, and outcomes indicate that this robust system improved runtime detection of malware with high speed and accuracy. Best accuracy of 100% is achieved on benchmark dataset when compared with </span></span>state of the art techniques. Furthermore, the proposed approach outperforms state of the art techniques in terms of computational time, true positive rate, false positive rate, accuracy, precision, recall, and f-measure.</span></p></div>","PeriodicalId":49005,"journal":{"name":"Pervasive and Mobile Computing","volume":"97 ","pages":"Article 101859"},"PeriodicalIF":3.0000,"publicationDate":"2023-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Pervasive and Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574119223001177","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Android smartphones have been widely adopted across the globe. They have the capability to access private and confidential information resulting in these devices being targeted by malware devisers. The dramatic escalation of assaults build an awareness to create a robust system that detects the occurrence of malicious actions in Android applications. The malware exposure study consists of static and dynamic analysis. This research work proposed a hybrid machine learning model based on static and dynamic analysis which offers efficient classification and detection of Android malware. The proposed novel malware classification technique can process any android application, then extracts its features, and predicts whether the applications under process is malware or benign. The proposed malware detection model can characterizes diverse malware types from Android platform with high positive rate. The proposed approach detects malicious applications in reduced execution time while also improving the security of Android as compared to existing approaches. State-of-the-art machine learning algorithms such as Support Vector Machine, k-Nearest Neighbor, Naïve Bayes, and different ensembles are employed on benign and malign applications to assess the execution of all classifiers on permissions, API calls and intents to identify malware. The proposed technique is evaluated on Drebin, MalGenome and Kaggle dataset, and outcomes indicate that this robust system improved runtime detection of malware with high speed and accuracy. Best accuracy of 100% is achieved on benchmark dataset when compared with state of the art techniques. Furthermore, the proposed approach outperforms state of the art techniques in terms of computational time, true positive rate, false positive rate, accuracy, precision, recall, and f-measure.

用于安卓应用程序恶意软件分析的混合机器学习模型
安卓智能手机已被全球广泛采用。它们能够访问私人和机密信息,因此成为恶意软件开发者的攻击目标。攻击的急剧升级使人们意识到需要创建一个强大的系统来检测安卓应用程序中是否存在恶意行为。恶意软件暴露研究包括静态和动态分析。这项研究工作提出了一种基于静态和动态分析的混合机器学习模型,可对安卓恶意软件进行高效分类和检测。所提出的新型恶意软件分类技术可以处理任何安卓应用程序,然后提取其特征,并预测所处理的应用程序是恶意软件还是良性应用程序。所提出的恶意软件检测模型能以较高的阳性率识别安卓平台上各种类型的恶意软件。与现有方法相比,所提出的方法能在更短的执行时间内检测出恶意应用程序,同时还能提高安卓系统的安全性。在良性和恶意应用程序上采用了支持向量机、k-近邻、奈夫贝叶斯等最先进的机器学习算法和不同的组合,以评估所有分类器对权限、API 调用和意图的执行情况,从而识别恶意软件。我们在 Drebin、MalGenome 和 Kaggle 数据集上对所提出的技术进行了评估,结果表明这种强大的系统提高了运行时检测恶意软件的速度和准确性。与最先进的技术相比,该系统在基准数据集上的准确率达到了 100%。此外,所提出的方法在计算时间、真阳性率、假阳性率、准确率、精确度、召回率和 f-measure 方面都优于现有技术。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Pervasive and Mobile Computing
Pervasive and Mobile Computing COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS
CiteScore
7.70
自引率
2.30%
发文量
80
审稿时长
68 days
期刊介绍: As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve human in the loop through social interactions and participatory and/or mobile crowd sensing, for example. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies. The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信