Intelligent Android Malware Detection Using Radial Basis Function Networks and Permission Features

  • Abdulrahman, Ammar (Information Technology Department, Faculty of Computing and Information Technology, King Abdulaziz University)
  • Hashem, Khalid (Information Technology Department, Faculty of Computing and Information Technology, King Abdulaziz University)
  • Adnan, Gaze (Information Technology Department, Faculty of Computing and Information Technology, King Abdulaziz University)
  • Ali, Waleed (Information Technology Department, Faculty of Computing and Information Technology, King Abdulaziz University)
  • Received : 2021.06.05
  • Published : 2021.06.30

Abstract

Recently, the rapid growth of apps on the Android platform has led to an accelerated increase in malware applications created by cyber attackers. Numerous Android malware detection tools use conventional signature-based approaches to detect malware apps. However, these conventional strategies cannot determine whether the latest applications are malware or not. Many new malware apps are periodically discovered, but not all malware apps can be accurately detected. Hence, there is a need for intelligent approaches that are able to detect newly developed Android malware applications. In this study, Radial Basis Function (RBF) networks are trained using known Android applications and then used to detect the latest and new Android malware applications. Initially, the optimal permission features of Android apps are selected using Information Gain Ratio (IGR). The features selected by IGR are then used to train the RBF networks in order to effectively detect new Android malware apps. The empirical results showed that RBF achieved the best detection accuracy (97.20%) compared with other common machine learning techniques. Furthermore, RBF achieved the best detection results in most of the other measures.
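The permission-selection step named in the abstract can be sketched as follows. This is an added example, not the authors' code: it assumes the standard gain-ratio definition (information gain divided by split information), and the eight apps, their labels and the function names are constructed for illustration. It covers only the IGR ranking, not the RBF network trained afterwards.

```python
import math

def entropy(values):
    """Shannon entropy (bits) of a list of discrete values."""
    n = len(values)
    return sum(-(values.count(v) / n) * math.log2(values.count(v) / n)
               for v in set(values))

def gain_ratio(column, labels):
    """Information gain of a binary permission column over the labels,
    normalised by the column's own entropy (split information)."""
    split_info = entropy(column)
    if split_info == 0:          # permission requested by all apps or by none
        return 0.0
    n = len(labels)
    conditional = 0.0
    for v in set(column):
        subset = [y for x, y in zip(column, labels) if x == v]
        conditional += len(subset) / n * entropy(subset)
    return (entropy(labels) - conditional) / split_info

def select_permissions(apps, labels, k):
    """Rank every permission seen in `apps` by gain ratio and keep the top k."""
    perms = sorted({p for app in apps for p in app})
    scores = {p: gain_ratio([int(p in app) for app in apps], labels)
              for p in perms}
    ranked = sorted(perms, key=lambda p: (-scores[p], p))
    return ranked[:k], scores

# Constructed sample: permission sets as they would be read from each manifest
# (the android.permission. prefix is dropped for brevity). Label 1 = malware.
SAMPLE_APPS = [
    {"INTERNET", "SEND_SMS", "READ_CONTACTS", "RECEIVE_BOOT_COMPLETED"},
    {"INTERNET", "SEND_SMS", "RECEIVE_BOOT_COMPLETED"},
    {"INTERNET", "SEND_SMS", "READ_CONTACTS", "RECEIVE_BOOT_COMPLETED"},
    {"INTERNET", "SEND_SMS"},
    {"INTERNET", "CAMERA"},
    {"INTERNET", "READ_CONTACTS"},
    {"INTERNET", "READ_CONTACTS", "CAMERA"},
    {"INTERNET"},
]
SAMPLE_LABELS = [1, 1, 1, 1, 0, 0, 0, 0]

if __name__ == "__main__":
    selected, scores = select_permissions(SAMPLE_APPS, SAMPLE_LABELS, k=3)
    for perm in selected:
        print(f"{perm:24s} gain ratio = {scores[perm]:.4f}")
```

INTERNET scores zero because every sample app requests it, and READ_CONTACTS scores zero because it is split evenly between the two classes; neither would be passed to the classifier.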
