A novel feature selection technique: Detection and classification of Android malware

Abstract

Android operating system is not just the most commonly employed mobile operating system, but also the most lucrative target for cybercriminals due to its extensive user base. In light of this, the objective of this research is to uncover a few features that can significantly enhance the detection of Android malware through utilization of feature engineering. This work introduces a novel approach to feature selection that can discover a promising subset of features for effective malware detection. The proposed technique, Multi-Wrapper Hybrid Feature Selection Technique (MWHFST), integrates wrapper-based feature selection techniques to address the limitations of individual wrapper-based feature selection methods. The research employs extensive experiments on the Kronodroid dataset, a comprehensive and large-scale dataset, to gauge how well the proposed technique identifies and classifies malicious Android applications. Experimental results using machine learning algorithms demonstrate that the technique proposed in this research effectively integrates the advantages of individual feature selection techniques and exhibits the potential to identify a brief set of pivotal features for detecting Android malware. The proposed approach successfully identifies and categorizes malicious Android applications, achieving an accuracy of 98.8 % and 88 %, respectively, using only 31 features. This approach surpasses existing methods by delivering comparable performance with a significantly reduced number of features compared to individual approaches.