International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Mitigating Mobile Malware Threats: Implementing Gaussian Naïve Bayes for Effective Banking Trojan Detection

  • Received : 2024.10.05
  • Published : 2024.10.30
Download PDF
⟨ Previous Next ⟩

Abstract

Mobile phones have become immensely popular as intelligent terminals worldwide. The open-source nature of mobile platforms has facilitated the development of third-party mobile applications, but it has also created an environment for mobile malware to thrive. Unfortunately, the abundance of mobile applications and lax management of some app stores has led to potential risks for mobile users, including privacy breaches and malicious deductions of fees, among other adverse consequences. This research presents a mobile malware static detection method based on Gaussian Naïve Bayes. The approach aims to offer a solution to protect users from potential threats such as Banking Trojan malware. The objectives of this project are to study the requirement of the Naïve Bayes algorithm in Mobile Banking Trojan detection, and to evaluate the performance and accuracy of the Gaussian Naïve Bayes algorithm in the Mobile Banking Trojan detection. This study presents a mobile banking trojan detection system utilizing the Gaussian Naïve Bayes algorithm, achieving a high classification accuracy of 95.83% in distinguishing between benign and trojan APK files.

Keywords

Acknowledgement

We want to express our appreciation to the Universiti Teknologi Mara Cawangan Terengganu Kampus Kuala Terengganu for their constant support in getting the authors to publish this work.

References

  1. Alshamkhany, M., Alshamkhany, W., Mansour, M., Khan, M., Dhou, S., & Aloul, F. (2020, November 17). Botnet Attack Detection using Machine Learning. https://doi.org/10.1109/iit50501.2020.9299061
  2. Ambore, S., Richardson, C A., Dogan, H., Apeh, E., & Osselton, D. (2017, October 1). A resilient cybersecurity framework for Mobile Financial Services (MFS). Taylor & Francis, 1(3-4), 202-224. https://doi.org/10.1080/23742917.2017.1386483
  3. Android Mobile Security Threats. (2023, November 8). Www.kaspersky.com. https://www.kaspersky.com/resourcecenter/threats/mobile
  4. Baker, K. (2021, January 14). 11 Types of Malware + Examples That You Should Know. Crowdstrike.com. https://www.crowdstrike.com/cybersecurity101/malware/types-of-malware/
  5. Cybleinc. (2021, December 1). Banking Trojan Targets Banking Users in Malaysia. Cyble. https://cyble.com/blog/banking-trojan-targets-bankingusers-in-malaysia/
  6. Datta, P., Tanwar, S., Panda, S N., & Rana, A. (2020, June 1). Security and Issues of M-Banking: A Technical Report.
  7. Dr.Web - Doctor Web's Q3 2024 review of virus activity on mobile devices. (2024). Dr.Web. https://news.drweb.com/show/review/?lng=en&i=14912
  8. Ferdous, J., Islam, R., Mahboubi, A., & Islam, Md. Z. (2023). A review of state-of-the-art malware attack trends and Defense Mechanisms. IEEE Access, 11, 121118-121141. https://doi.org/10.1109/access.2023.3328351
  9. Gharibi, W., & Mirza, A A. (2011, January 1). Software Vulnerabilities, Banking Threats, Botnets and Malware Self-Protection Technologies. Cornell University. https://doi.org/10.48550/arxiv.1105.1720
  10. Gholamy, A. (2018). Why 70/30 or 80/20 Relation Between Training and Testing Sets: A Pedagogical Explanation (V. Kreinovich & O. Kosheleva, Eds.) [Review of Why 70/30 or 80/20 Relation Between Training and Testing Sets: A Pedagogical Explanation]. https://scholarworks.utep.edu/cs_techrep/1209/
  11. Ioannis Gasparis, Qian, Z., Song, C., & Krishnamurthy, S. V. (2017). Detecting Android Root Exploits by Learning from Root Providers. USENIX Security Symposium, 1129-1144.
  12. Muhammad, Z., Anwar, Z., Javed, A. R., Saleem, B., Abbas, S., & Gadekallu, T. R. (2023). Smartphone Security and Privacy: A Survey on APTs, Sensor-Based Attacks, Side-Channel Attacks, Google Play Attacks, and Defenses. Technologies, 11(3), 76. https://doi.org/10.3390/technologies11030076
  13. Nguyen, T.-H., & Yoo, M. (2017). A behavior-based mobile malware detection model in software-defined networking. https://doi.org/10.1109/icisct.2017.8188590
  14. Qamar, A., Karim, A., & Chang, V. (2019). Mobile malware attacks: Review, taxonomy & future directions. Future Generation Computer Systems, 97, 887-909. https://doi.org/10.1016/j.future.2019.03.007
  15. Rathod, H., & Sanjay Agal. (2023). A Study and Overview on Current Trends and Technology in Mobile Applications and Its Development. Lecture Notes in Networks and Systems, 383-395. https://doi.org/10.1007/978-981-99-4932-8_35
  16. Susanti, A R., Djatna, T., & Kusuma, W A. (2017, September 1). Twitter's Sentiment Analysis on Gsm Services using Multinomial Naive Bayes. Ahmad Dahlan University, 15(3), 1354-1354. https://doi.org/10.12928/telkomnika.v15i3.4284