Permissions-based detection of android malware using machine learning

Akbar, Fahad and Hussain, Mehdi and Mumtaz, Rafia and Riaz, Qaiser and Abdul Wahab, Ainuddin Wahid and Jung, Ki-Hyun (2022) Permissions-based detection of android malware using machine learning. Symmetry-Basel, 14 (4). ISSN 2073-8994, DOI https://doi.org/10.3390/sym14040718.

Full text not available from this repository.

Abstract

Malware applications (Apps) targeting mobile devices are widespread, and compromise the sensitive and private information stored on the devices. This is due to the asymmetry between informative permissions and irrelevant and redundant permissions for benign Apps. It also depends on the characteristics of the Android platform, such as adopting an open-source policy, supporting unofficial App stores, and the great tolerance for App verification; therefore the Android platform is destined to face such malicious intrusions. In this paper, we propose a permissions-based malware detection system (PerDRaML) that determines the App's maliciousness based on the usage of suspicious permissions. The system uses a multi-level based methodology; we first extract and identify the significant features such as permissions, smali sizes, and permission rates from a manually collected dataset of 10,000 applications. Further, we employ various machine learning models to categorize the Apps into their malicious or benign categories. Through extensive experimentations, the proposed method successfully identifies the 5 x most significant features to predict malicious Apps. The proposed method outperformed the existing techniques by achieving high accuracies of malware detection i.e., 89.7% with Support Vector Machine, 89.96% with Random Forest, 86.25% with Rotation Forest, and 89.52% with Naive Bayes models. Moreover, the proposed method optimized up to similar to 77% of the feature set as compared to the recent approaches, while improving the evaluation metrics such as precision, sensitivity, accuracy, and F-measure. The experimental results show that the proposed system provides a high level of symmetry between irrelevant permissions and malware Apps. Further, the proposed system is promising and may provide a low-cost alternative for Android malware detection for malicious or repackaged Apps.

Item Type: Article
Funders: National Research Foundation of Korea, Ministry of Education (MOE), Republic of Korea National Research Council for Economics, Humanities & Social Sciences, Republic of Korea [Grant No: 2021R1I1A3049788], National Research Foundation of Korea [Grant No: 2019H1D3A1A01101687 & 2021H1D3A2A01099390], National University of Sciences and Technology, Islamabad, Pakistan, National Research Foundation of Korea [Grant No: 2021H1D3A2A01099390 & 2019H1D3A1A01101687]
Uncontrolled Keywords: Malware detection; Repackaged applications; Suspicious permissions; Static malware analysis
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Faculty of Computer Science & Information Technology > Department of Computer System & Technology
Depositing User: Ms. Juhaida Abd Rahim
Date Deposited: 29 Sep 2023 06:02
Last Modified: 29 Sep 2023 06:02
URI: http://eprints.um.edu.my/id/eprint/42909

Actions (login required)

View Item View Item
UM Research Repository is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.