Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms | IEEE Conference Publication | IEEE Xplore

Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms


Abstract:

In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification ...Show More

Abstract:

In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware, permissions declared in the AndroidManifest.xml and Android classes used from the Classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with F1-score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.
Date of Conference: 29 December 2020 - 01 January 2021
Date Added to IEEE Xplore: 09 February 2021
ISBN Information:

ISSN Information:

Conference Location: Guangzhou, China

I. Introduction

The Android operating system remains one the most popular operating systems for malware. This is due to many factors; the Android operating system has the highest market share as compared to any other mobile operating system with a total market share of 65.7 percent as of September 2019 [1]. Moreover, unlike any other mobile operating systems such as iOS, Android also allows users to install unverified applications from third-party app stores and websites. Consequently, Android devices become more vulnerable to malicious attacks as its permission-based security architecture has already been proven to be ineffective for the security of the average user [2]. While Third-party app stores remain a source of malware, it has been observed that Google app store is also vulnerable to malware being by passed. In many cases malware applications have evaded Bouncer, an application verification tool for the Google Play Market[3]. Due to these contributing factors, the quantity and sophistication of malware has prevailed in recent years with a two-fold increase in malicious samples in last two years [4].

References

References is not available for this document.