Android mobile malware detection using fuzzy AHP

Android mobile is very challenging because it is an open-source operating system that is also vulnerable to attacks. Previous studies have shown various mobile malware detection methods to overcome this problem, but still, there is room for improvement. Mobile users mostly ignore long lists of permissions because these are difficult to understand. Therefore, to distinguish benign or malware applications and the probability of each permission request is understood, it is necessary to evaluate Android mobile applications. This research proposed a multi-criteria decision-making based (MCDM) mobile malware detection system using a risk-based fuzzy analytical hierarchy process (AHP) approach to evaluate the Android mobile application. This study focuses on static analysis, that uses permission-based features to assess the mobile malware detection system approach. Risk analysis is applied to increase the awareness of the mobile user in granting any permission request to contain a high-risk level. The evaluation used 10,000 samples taken from Drebin and AndroZoo. The results show a high accuracy rate of 90.54% values that can effectively classify the Android application into four different risk levels.

[1]  Nor Badrul Anuar,et al.  “Less Give More”: Evaluate and zoning Android applications , 2019, Measurement.

[2]  Elisa Bertino,et al.  Android resource usage risk assessment using hidden Markov model and online learning , 2017, Comput. Secur..

[3]  Francesco Palmieri,et al.  Malware detection in mobile environments based on Autoencoders and API-images , 2020, J. Parallel Distributed Comput..

[4]  Yong Fan,et al.  A Systematic Literature Review of Android Malware Detection Using Static Analysis , 2020, IEEE Access.

[5]  J Zaburko,et al.  Information security risk assessment using the AHP method , 2019 .

[6]  Ahmad Y. Javaid,et al.  NATICUSdroid: A malware detection framework for Android using native and custom permissions , 2021, J. Inf. Secur. Appl..

[7]  Mamoun Alazab,et al.  Intelligent mobile malware detection using permission requests and API calls , 2020, Future Gener. Comput. Syst..

[8]  D Naga Malleswari,et al.  A detailed study on risk assessment of mobile app permissions , 2017 .

[9]  Nor Badrul Anuar,et al.  Bio-inspired for Features Optimization and Malware Detection , 2018 .

[10]  Inah Omoronyia,et al.  Security-oriented view of app behaviour using textual descriptions and user-granted permission requests , 2020, Comput. Secur..

[11]  K. Marimuthu,et al.  A New Malware Detection System Using Machine Learning Techniques for API Call Sequences , 2018 .

[12]  Samantha Thomas Cruz,et al.  Information Security Risk Assessment , 2007, Information Security Management Handbook, 6th ed..

[13]  Ping Yan,et al.  A survey on dynamic mobile malware detection , 2017, Software Quality Journal.

[14]  Michal Szczepanik,et al.  Malware Detection Using Machine Learning Algorithms and Reverse Engineering of Android Java Code , 2019, International Journal of Network Security & Its Applications.

[15]  Yaping Lin,et al.  A novel method for malware detection on ML-based visualization technique , 2020, Comput. Secur..

[16]  Gail-Joon Ahn,et al.  Risk assessment of mobile applications based on machine learned malware dataset , 2018, Multimedia Tools and Applications.

[17]  Huirong Fu,et al.  DDefender: Android application threat detection using static and dynamic analysis , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[18]  Jeong Hyun Yi,et al.  Risk Assessment Scheme for Mobile Applications Based on Tree Boosting , 2020, IEEE Access.

[19]  Dimitrios Tzovaras,et al.  Security in Computer and Information Sciences , 2018, Communications in Computer and Information Science.

[20]  Arushi Sharma,et al.  Malware Capability Assessment using Fuzzy Logic , 2019, Cybern. Syst..

[21]  Qing Ye,et al.  FAMD: A Fast Multifeature Android Malware Detection Framework, Design, and Implementation , 2020, IEEE Access.

[22]  Kakelli Anil Kumar,et al.  The Recent Trends in Malware Evolution, Detection and Analysis for Android Devices , 2020, Journal of Engineering Science and Technology Review.

[23]  Jemal H. Abawajy,et al.  An adaptive framework against android privilege escalation threats using deep learning and semi-supervised approaches , 2020, Appl. Soft Comput..

[24]  Lin Wang,et al.  Machine learning based mobile malware detection using highly imbalanced network traffic , 2017, Inf. Sci..

[25]  Nor Badrul Anuar,et al.  Malicious accounts: Dark of the social networks , 2017, J. Netw. Comput. Appl..

[26]  Chong Wang,et al.  A Survey on Android Malware Detection Techniques , 2017 .

[27]  Avesta Sasan,et al.  Ensemble learning for effective run-time hardware-based malware detection: a comprehensive analysis and classification , 2018, DAC.

[28]  Antonella Santone,et al.  Deep learning for image-based mobile malware detection , 2020, Journal of Computer Virology and Hacking Techniques.

[29]  Konrad Rieck,et al.  DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[30]  Ainuddin Wahid Abdul Wahab,et al.  A review on feature selection in mobile malware detection , 2015, Digit. Investig..

[31]  William J. Buchanan,et al.  A methodology for the security evaluation within third-party Android Marketplaces , 2017, Digit. Investig..

[32]  Georgios Kambourakis,et al.  Two Anatomists Are Better than One - Dual-Level Android Malware Detection , 2020, Symmetry.

[33]  Mauro Conti,et al.  Similarity-based Android Malware Detection Using Hamming Distance of Static Binary Features , 2019, Future Gener. Comput. Syst..

[34]  Abdelouahid Derhab,et al.  MalDozer: Automatic framework for android malware detection using deep learning , 2018, Digit. Investig..

[35]  Bo Yang,et al.  A mobile malware detection method using behavior features in network traffic , 2019, J. Netw. Comput. Appl..

[36]  Witawas Srisa-an,et al.  Significant Permission Identification for Machine-Learning-Based Android Malware Detection , 2018, IEEE Transactions on Industrial Informatics.

[37]  Ahmad Salah,et al.  A Lightweight Android Malware Classifier Using Novel Feature Selection Methods , 2020, Symmetry.

[38]  Ahmad Almogren,et al.  Improving risk assessment model of cyber security using fuzzy logic inference system , 2018, Comput. Secur..

[39]  Nor Badrul Anuar,et al.  The rise of "malware": Bibliometric analysis of malware study , 2016, J. Netw. Comput. Appl..

[40]  Huirong Fu,et al.  Risks behind Device Information Permissions in Android OS , 2017 .

[41]  Fabio Martinelli,et al.  A fuzzy-based process mining approach for dynamic malware detection , 2017, 2017 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).

[42]  Ibrahim Alper Dogru,et al.  Permission-Based Malware Detection System for Android Using Machine Learning Techniques , 2019, Int. J. Softw. Eng. Knowl. Eng..

[43]  Hamid Naderi,et al.  Security Challenges in Android mHealth Apps Permissions: A Case Study of Persian Apps , 2020 .

[44]  Jacques Klein,et al.  AndroZoo: Collecting Millions of Android Apps for the Research Community , 2016, 2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR).

[45]  Antonella Santone,et al.  Model checking and machine learning techniques for HummingBad mobile malware detection and mitigation , 2020, Simul. Model. Pract. Theory.

[46]  Hitoshi Iyatomi,et al.  One-dimensional convolutional neural networks for Android malware detection , 2018, 2018 IEEE 14th International Colloquium on Signal Processing & Its Applications (CSPA).

[47]  Ahmad Firdaus,et al.  Towards a systematic description of the field using bibliometric analysis: malware evolution , 2021, Scientometrics.