International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Generate Optimal Number of Features in Mobile Malware Classification using Venn Diagram Intersection

  • Received : 2022.07.05
  • Published : 2022.07.30
Download PDF
⟨ Previous Next ⟩

Abstract

Smartphones are growing more susceptible as technology develops because they contain sensitive data that offers a severe security risk if it falls into the wrong hands. The Android OS includes permissions as a crucial component for safeguarding user privacy and confidentiality. On the other hand, mobile malware continues to struggle with permission misuse. Although permission-based detection is frequently utilized, the significant false alarm rates brought on by the permission-based issue are thought to make it inadequate. The present detection method has a high incidence of false alarms, which reduces its ability to identify permission-based attacks. By using permission features with intent, this research attempted to improve permission-based detection. However, it creates an excessive number of features and increases the likelihood of false alarms. In order to generate the optimal number of features created and boost the quality of features chosen, this research developed an intersection feature approach. Performance was assessed using metrics including accuracy, TPR, TNR, and FPR. The most important characteristics were chosen using the Correlation Feature Selection, and the malicious program was categorized using SVM and naive Bayes. The Intersection Feature Technique, according to the findings, reduces characteristics from 486 to 17, has a 97 percent accuracy rate, and produces 0.1 percent false alarms.

Keywords

Acknowledgement

We want to express our appreciation to the Universiti Teknikal Malaysia Melaka (UTeM) for their constant support in getting the authors to publish this work.

References

  1. StatCounter, "Mobile Operating System Market Share Worldwide," StatCounter, 2021. .
  2. W. J. Buchanan, S. Chiale, and R. Macfarlane, "A methodology for the security evaluation within third-party Android Marketplaces," Digit. Investig., vol. 23, pp. 88-98, 2017. https://doi.org/10.1016/j.diin.2017.10.002
  3. F. Martinelli, F. Mercaldo, V. Nardone, A. Santone, and C. A. Visaggio, "Identifying mobile repackaged applications through formal methods," ICISSP 2017 - Proc. 3rd Int. Conf. Inf. Syst. Secur. Priv., vol. 2017-Janua, no. Icissp, pp. 673-682, 2017.
  4. S. Kandukuru and R. M. Sharma, "Android malicious application detection using permission vector and network traffic analysis," 2017 2nd Int. Conf. Converg. Technol. I2CT 2017, vol. 2017-Janua, pp. 1126-1132, 2017.
  5. J. Duarte, "A Survey of Android Attacks Detection Techniques," in Digital Privacy and Security Conference (DPSC), 2020, no. February, pp. 106-117.
  6. C. Chen, J. Lin, and G.-H. Lai, "Detecting Mobile Application Malicious Behaviors Based on Data Flow of Source Code," in International Conference on Trustworthy Systems and their Applications Detecting, 2014, pp. 1-6.
  7. W. Wang, Z. Gao, M. Zhao, Y. Li, J. Liu, and X. Zhang, "DroidEnsemble: Detecting Android Malicious Applications with Ensemble of String and Structural Static Features," IEEE Access, vol. 6, no. c, pp. 31798-31807, 2018. https://doi.org/10.1109/ACCESS.2018.2835654
  8. G. Kirubavathi and R. Anitha, "Structural analysis and detection of android botnets using machine learning techniques," Int. J. Inf. Secur., vol. 17, no. 2, pp. 153-167, 2018. https://doi.org/10.1007/s10207-017-0363-3
  9. P. Feng, J. MA, C. SUN, X. XU1, and Y. MA, "A Novel Dynamic Android Malware Detection System With Ensemble Learning," IEEE Trans. JOURNALS, vol. 4, no. c, 2018.
  10. F. M. Faqiry, "Scrutinizing Permission Based Attack on Android Os Platform Devices," Int. J. Adv. Res. Comput. Sci., vol. 8, no. 7, pp. 421-426, 2017. https://doi.org/10.26483/ijarcs.v8i7.4212
  11. V. Kouliaridis, G. Kambourakis, D. Geneiatakis, and N. Potha, "Two anatomists are better than one-Dual-level android malware detection," Symmetry (Basel)., vol. 12, no. 7, pp. 1-21, 2020.
  12. M. Al Ali, D. Svetinovic, Z. Aung, and S. Lukman, "Malware Detection in Android Mobile Platform using Machine Learning Algorithms," in International Conference on Infocom Technologies and Unmanned Systems (Trends and Future Directions) (ICTUS), 2017, pp. 4-9.
  13. P. Yan and Z. Yan, "A survey on dynamic mobile malware detection," Softw. Qual. J., vol. 26, no. 3, pp. 1-31, 2017.
  14. A. K. Chakravarty and S. Paul, "A study of signaturebased and behaviour-based malware detection approaches," Int. J. Adv. Res. Ideas Innov. Technol. ISSN, vol. 5, no. 3, pp. 1509-1511, 2019.
  15. D. O. Sahin, O. E. Kural, S. Akleylek, and E. Kilic, "A novel permission-based Android malware detection system using feature selection based on linear regression," Neural Comput. Appl., vol. 1, p. 5875, 2021.
  16. P. Wijesekera, A. Baokar, L. Tsai, and J. Reardon, "The Feasibility of Dynamically Granted Permissions: Aligning Mobile Privacy with User Preferences," Proc. - IEEE Symp. Secur. Priv., pp. 1077-1093, 2017.
  17. Z. Abdullah and M. M. Saudi, "RAPID-Risk Assessment of Android Permission and Application Programming Interface ( API ) Call for Android Botnet," no. October, 2018.
  18. H. Bagheri, E. Kang, S. Malek, and D. Jackson, "A formal approach for detection of security flaws in the android permission system," Form. Asp. Comput., vol. 30, no. 5, pp. 525-544, 2018. https://doi.org/10.1007/s00165-017-0445-z
  19. B. F. Demissie, M. Ceccato, and L. K. Shar, "Security analysis of permission re-delegation vulnerabilities in Android apps," Empir. Softw. Eng., vol. 25, no. 6, pp. 5084-5136, 2020. https://doi.org/10.1007/s10664-020-09879-8
  20. M. W. Afridi, T. Ali, T. Alghamdi, T. Ali, and M. Yasar, "Android application behavioral analysis through intent monitoring," in International Symposium on Digital Forensic and Security, ISDFS 2018, 2018, vol. 6, pp. 1-8.
  21. A. Feizollah, N. B. Anuar, R. Salleh, G. Suarez-Tangil, and S. Furnell, "AndroDialysis: Analysis of Android Intent Effectiveness in Malware Detection," Comput. Secur., vol. 65, no., pp. 121-134, 2017. https://doi.org/10.1016/j.cose.2016.11.007
  22. R. Chang et al., "Towards a multilayered permissionbased access control for extending Android security," Concurr. Comput., vol. 30, no. 5, 2018.
  23. L. Shi, J. Fu, Z. Guo, and J. Ming, "'Jekyll and hyde' is risky: Shared-everything threat mitigation in dual-instance apps*," in MobiSys 2019 - Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, 2019, pp. 225-235.
  24. S. Kumar, R. Shanker, and S. Verma, "Context aware dynamic permission model: A retrospect of privacy and security in android system," in Proceedings - 2nd International Conference on Intelligent Circuits and Systems, ICICS 2018, 2018, pp. 330-333.
  25. J. Xiao, S. Chen, Q. He, Z. Feng, and X. Xue, "An Android application risk evaluation framework based on minimum permission set identification," J. Syst. Softw., vol. 163, p. 110533, 2020. https://doi.org/10.1016/j.jss.2020.110533
  26. R. Kumar, X. Zhang, R. Khan, and A. Sharif, "Research on Data Mining of Permission-Induced Risk for Android IoT Devices," Appl. Sci., vol. 9, no. 2, p. 277, 2019. https://doi.org/10.3390/app9020277
  27. A. Bhattacharya and R. T. Goswami, "A Hybrid Community Based Rough Set Feature Selection Technique in Android Malware Detection," in Smart Trends in Systems, Security and Sustainability., 2018, no. 18, pp. 249-258.
  28. C. La, P. Myo, and K. M. Myo, "Permission-based Feature Selection for Android Malware Detection and Analysis," Int. J. Comput. Appl., vol. 181, no. 19, pp. 29-39, 2018. https://doi.org/10.5120/ijca2018917902
  29. M. Hammad, H. Bagheri, and S. Malek, "DELDROID: An automated approach for determination and enforcement of least-privilege architecture in android," J. Syst. Softw., vol. 149, pp. 83-100, 2019. https://doi.org/10.1016/j.jss.2018.11.049
  30. W. Y. Lee, J. Saxe, and R. Harang, "SeqDroid: Obfuscated android malware detection using stacked convolutional and recurrent neural networks," Adv. Sci. Technol. Secur. Appl., pp. 197-210, 2019.
  31. M. Fan, J. Liu, W. Wang, H. Li, Z. Tian, and T. Liu, "DAPASA: Detecting Android Piggybacked Apps Through Sensitive Subgraph Analysis," IEEE Trans. Inf. Forensics Secur., vol. 12, no. 8, pp. 1772-1785, 2017. https://doi.org/10.1109/TIFS.2017.2687880
  32. A. Sadeghi, R. Jabbarvand, N. Ghorbani, H. Bagheri, and S. Malek, "A temporal permission analysis and enforcement framework for Android," in Proceedings of the 40th International Conference on Software Engineering - ICSE '18, 2018, pp. 846-857.
  33. H. Shahriar and M. Islam, "Android Malware Detection Using Permission Analysis," IEEE Conf. Proc., vol. 2017, no. SoutheastCon, pp. 1-6, 2017.
  34. F. I. Abro, M. Rajarajana, and T. Chen, "Mobile Malware detection with permissions and intents analysis," p. 2014, 2014.
  35. M. Yusof, M. M. Saudi, and F. Ridzuan, "A new mobile botnet classification based on permission and API calls," in Proceedings - 2017 7th International Conference on Emerging Security Technologies, EST 2017, 2017, pp. 122-127.
  36. A. Talha and I. Alper, "An in-depth analysis of Android malware using hybrid techniques," Digit. Investig., vol. 24, pp. 25-33, 2018. https://doi.org/10.1016/j.diin.2018.01.001
  37. M. K. Alzaylaee, S. Y. Yerima, and S. Sezer, "Improving Dynamic Analysis of Android Apps Using Hybrid Test Input Generation," in International Conference On Cyber Security And Protection Of Digital Services, 2017, pp. 1-8.
  38. C. Wang and Y. Lan, "PFESG : Permission-based Android Malware Feature Extraction Algorithm," in ICNCC 2017: Proceedings of the 2017 VI International Conference on Network, Communication and Computing, 2017, pp. 106-109.
  39. J. Cai, J. Luo, S. Wang, and S. Yang, "Feature selection in machine learning: A new perspective," Neurocomputing, vol. 300, pp. 70-79, 2018. https://doi.org/10.1016/j.neucom.2017.11.077
  40. E. M. Karabulut, S. A. Ozel, and T. Ibrikci, "A comparative study on the effect of feature selection on classification accuracy," Procedia Technol., vol. 1, pp. 323-327, 2012. https://doi.org/10.1016/j.protcy.2012.02.068
  41. A. Sharma and S. Dey, "Performance Investigation of Feature Selection Methods and Sentiment Lexicons for Sentiment Analysis," Int. J. Comput. Appl., no. June, pp. 15-20, 2012.
  42. R. Kaur and M. Sachdeva, "Study and Comparison of Feature Selection Approaches for Intrusion Detection," in Proceedings on International Conference on Advances in Emerging Technology, 2016, vol. 2, pp. 1-7.
  43. X. Liu and J. Liu, "A two-layered permission-based android malware detection scheme," Proc. - 2nd IEEE Int. Conf. Mob. Cloud Comput. Serv. Eng. MobileCloud, pp. 142-148, 2014.