M. Awais, Muhammad Arham Tariq, Junaid Iqbal, Yasir Masood
Anti-Ant Framework for Android Malware Detection and Prevention Using Supervised Learning
2023 4th International Conference on Advancements in Computational Sciences (ICACS), published 2023-02-20. DOI: 10.1109/ICACS55311.2023.10089629 (https://doi.org/10.1109/ICACS55311.2023.10089629)
The number of Android users grows by the day, so new apps are introduced frequently and are available on the Play Store, APK Pure, APK Mirror, and other APK stores. Consequently, it is difficult to find apps that don't harm users' privacy, integrity, and intellectual property rights. For that reason, we built a framework named ANTI-ANT that detects malware apps and prevents them from harming the phone. We mainly target malware comprising botnets, rootkits, SMS malware, spyware, app installers, and ransomware. In this paper, we propose a framework that consists of three layers of detection: the first is the application layer, the second is the user background layer, and the last is the package layer, which together distinguish malicious behaviors of malware. Both static and dynamic analyses are used to extract features from Android malware, and the features are then used to classify applications as malware or benign. The framework uses multiple classifiers: Logistic Regressor, Decision Tree, Random Forest, and Support Vector Machine. For training and testing, we used 13,559 samples of malware that are analyzed on the datasets of CCCS-CIC-AndMal-2020 (Canadian Institute for Cybersecurity). We detect the malware in four phases. First, we analyze the features and then perform assessments, and in Phase four, we train the Machine Learning models to detect the malware and prevent it by using the malware block applist generated by our model. We ran the framework on 500 Android phones, where it checks their behavior in the background and the permissions that are used in their manifest file. After training, we obtained results on the labeled datasets for our ML models: the SVM achieved the highest accuracy of 96.64%, along with an accuracy of 91.50% for Logistic Regressor.