Bio-inspired computational paradigm for feature investigation and malware detection: interactive analytics

In recent years, people have come to rely on mobile devices to conduct their fundamental daily activities, and most of them prefer devices running the Android operating system. As demand expands, deceitful authors develop malware to compromise Android for private and monetary purposes. Consequently, security analysts have to conduct static and dynamic analyses to counter malware violations. In this paper, we adopt static analysis, which requires only minimal resource consumption and offers rapid processing. However, finding a minimum set of features in static analysis is vital because it removes irrelevant data, reduces the runtime of machine learning detection and reduces the dimensionality of datasets. Therefore, in this paper, we investigate three categories of features: permissions, directory path, and telephony. This investigation considers the frequency of the features as well as their repeated use in each application. Subsequently, this study evaluates the proposed features with three bio-inspired machine learning classifiers in the artificial neural network (ANN) category to demonstrate the usefulness of ANN-type classifiers in uncovering unknown malware. The classifiers are multilayer perceptron (MLP), voted perceptron (VP) and radial basis function network (RBFN). Among these three classifiers, MLP achieves the best results, with 90% accuracy and an 87% true positive rate (TPR), as well as 97% accuracy in our Bio Analyzer prediction system.
