Title: Hybrid machine learning model for malware analysis in android apps
Authors: Saba Bashir, Farwa Maqbool, Farhan Hassan Khan, Asif Sohail Abid
Journal: Pervasive and Mobile Computing (Impact Factor 3.0; JCR Q2, Computer Science, Information Systems)
Publication date: 2023-11-08
Publication type: Journal Article
DOI: 10.1016/j.pmcj.2023.101859
URL: https://www.sciencedirect.com/science/article/pii/S1574119223001177
Citation count: 0
Abstract
Android smartphones have been widely adopted across the globe. They have the capability to access private and confidential information, which has made these devices a target for malware authors. The dramatic escalation of attacks has built awareness of the need to create a robust system that detects the occurrence of malicious actions in Android applications. The malware exposure study consists of static and dynamic analysis. This research work proposes a hybrid machine learning model based on static and dynamic analysis which offers efficient classification and detection of Android malware. The proposed novel malware classification technique can process any Android application, extract its features, and predict whether the application being processed is malware or benign. The proposed malware detection model can characterize diverse malware types from the Android platform with a high positive rate. The proposed approach detects malicious applications in reduced execution time while also improving the security of Android as compared to existing approaches. State-of-the-art machine learning algorithms such as Support Vector Machine, k-Nearest Neighbor, Naïve Bayes, and different ensembles are employed on benign and malicious applications to assess the performance of all classifiers on permissions, API calls and intents to identify malware. The proposed technique is evaluated on the Drebin, MalGenome and Kaggle datasets, and the outcomes indicate that this robust system improved runtime detection of malware with high speed and accuracy. A best accuracy of 100% is achieved on the benchmark dataset when compared with state-of-the-art techniques. Furthermore, the proposed approach outperforms state-of-the-art techniques in terms of computational time, true positive rate, false positive rate, accuracy, precision, recall, and F-measure.
About the journal:
As envisioned by Mark Weiser as early as 1991, pervasive computing systems and services have truly become integral parts of our daily lives. Tremendous developments in a multitude of technologies ranging from personalized and embedded smart devices (e.g., smartphones, sensors, wearables, IoTs, etc.) to ubiquitous connectivity, via a variety of wireless mobile communications and cognitive networking infrastructures, to advanced computing techniques (including edge, fog and cloud) and user-friendly middleware services and platforms have significantly contributed to the unprecedented advances in pervasive and mobile computing. Cutting-edge applications and paradigms have evolved, such as cyber-physical systems and smart environments (e.g., smart city, smart energy, smart transportation, smart healthcare, etc.) that also involve humans in the loop through social interactions and participatory and/or mobile crowd sensing, for example. The goal of pervasive computing systems is to improve human experience and quality of life, without explicit awareness of the underlying communications and computing technologies.
The Pervasive and Mobile Computing Journal (PMC) is a high-impact, peer-reviewed technical journal that publishes high-quality scientific articles spanning theory and practice, and covering all aspects of pervasive and mobile computing and systems.