A novel feature selection technique: Detection and classification of Android malware

IF 5 3区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Egyptian Informatics Journal Pub Date : 2025-01-27 DOI:10.1016/j.eij.2025.100618

Sandeep Sharma , Prachi , Rita Chhikara , Kavita Khanna

{"title":"A novel feature selection technique: Detection and classification of Android malware","authors":"Sandeep Sharma , Prachi , Rita Chhikara , Kavita Khanna","doi":"10.1016/j.eij.2025.100618","DOIUrl":null,"url":null,"abstract":"<div><div>Android operating system is not just the most commonly employed mobile operating system, but also the most lucrative target for cybercriminals due to its extensive user base. In light of this, the objective of this research is to uncover a few features that can significantly enhance the detection of Android malware through utilization of feature engineering. This work introduces a novel approach to feature selection that can discover a promising subset of features for effective malware detection. The proposed technique, Multi-Wrapper Hybrid Feature Selection Technique (MWHFST), integrates wrapper-based feature selection techniques to address the limitations of individual wrapper-based feature selection methods. The research employs extensive experiments on the Kronodroid dataset, a comprehensive and large-scale dataset, to gauge how well the proposed technique identifies and classifies malicious Android applications. Experimental results using machine learning algorithms demonstrate that the technique proposed in this research effectively integrates the advantages of individual feature selection techniques and exhibits the potential to identify a brief set of pivotal features for detecting Android malware. The proposed approach successfully identifies and categorizes malicious Android applications, achieving an accuracy of 98.8 % and 88 %, respectively, using only 31 features. This approach surpasses existing methods by delivering comparable performance with a significantly reduced number of features compared to individual approaches.</div></div>","PeriodicalId":56010,"journal":{"name":"Egyptian Informatics Journal","volume":"29 ","pages":"Article 100618"},"PeriodicalIF":5.0000,"publicationDate":"2025-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Egyptian Informatics Journal","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1110866525000118","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Android operating system is not just the most commonly employed mobile operating system, but also the most lucrative target for cybercriminals due to its extensive user base. In light of this, the objective of this research is to uncover a few features that can significantly enhance the detection of Android malware through utilization of feature engineering. This work introduces a novel approach to feature selection that can discover a promising subset of features for effective malware detection. The proposed technique, Multi-Wrapper Hybrid Feature Selection Technique (MWHFST), integrates wrapper-based feature selection techniques to address the limitations of individual wrapper-based feature selection methods. The research employs extensive experiments on the Kronodroid dataset, a comprehensive and large-scale dataset, to gauge how well the proposed technique identifies and classifies malicious Android applications. Experimental results using machine learning algorithms demonstrate that the technique proposed in this research effectively integrates the advantages of individual feature selection techniques and exhibits the potential to identify a brief set of pivotal features for detecting Android malware. The proposed approach successfully identifies and categorizes malicious Android applications, achieving an accuracy of 98.8 % and 88 %, respectively, using only 31 features. This approach surpasses existing methods by delivering comparable performance with a significantly reduced number of features compared to individual approaches.

查看原文本刊更多论文

一种新的特征选择技术：Android恶意软件的检测与分类

Android操作系统不仅是最常用的移动操作系统，而且由于其广泛的用户基础，也是网络犯罪分子最有利可图的目标。鉴于此，本研究的目的是通过利用特征工程发现一些可以显著增强Android恶意软件检测的特征。这项工作引入了一种新的特征选择方法，可以发现有效恶意软件检测的有前途的特征子集。所提出的多包装器混合特征选择技术（MWHFST）集成了基于包装器的特征选择技术，以解决单个基于包装器的特征选择方法的局限性。该研究在Kronodroid数据集（一个全面而大规模的数据集）上进行了广泛的实验，以衡量所提出的技术识别和分类恶意Android应用程序的效果。使用机器学习算法的实验结果表明，本研究中提出的技术有效地集成了单个特征选择技术的优势，并显示出识别一组简短的关键特征以检测Android恶意软件的潜力。所提出的方法成功地识别和分类了恶意Android应用程序，仅使用31个特征，准确率分别达到98.8%和88%。与单个方法相比，该方法通过显著减少特征数量来提供可比较的性能，从而超越了现有的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Egyptian Informatics Journal Decision Sciences-Management Science and Operations Research

CiteScore

11.10

自引率

1.90%

发文量

审稿时长

110 days

期刊介绍： The Egyptian Informatics Journal is published by the Faculty of Computers and Artificial Intelligence, Cairo University. This Journal provides a forum for the state-of-the-art research and development in the fields of computing, including computer sciences, information technologies, information systems, operations research and decision support. Innovative and not-previously-published work in subjects covered by the Journal is encouraged to be submitted, whether from academic, research or commercial sources.