Clustering-Aided Multi-View Classification: A Case Study on Android Malware Detection

Recognizing malware before its installation plays a crucial role in keeping an android device safe. In this paper we describe a supervised method that is able to analyse multiple information (e.g. permissions, api calls and network addresses) that can be retrieved through a broad static analysis of android applications. In particular, we propose a novel multi-view machine learning approach to malware detection, which couples knowledge extracted via both clustering and classification. In an assessment, we evaluate the effectiveness of the proposed method using benchmark Android applications and established machine learning metrics.

[1]  Hua Sun,et al.  Android malicious code Classification using Deep Belief Network , 2018, KSII Trans. Internet Inf. Syst..

[2]  Sakir Sezer,et al.  Improving dynamic analysis of android apps using hybrid test input generation , 2017, 2017 International Conference on Cyber Security And Protection Of Digital Services (Cyber Security).

[3]  Weiwei Lin,et al.  An Ensemble Random Forest Algorithm for Insurance Big Data Analysis , 2017, IEEE Access.

[4]  Meng Wang,et al.  Semisupervised Multiview Distance Metric Learning for Cartoon Synthesis , 2012, IEEE Transactions on Image Processing.

[5]  XuXin,et al.  Multi-view learning overview , 2017 .

[6]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[7]  Long Wen,et al.  An Android malware detection system based on machine learning , 2017 .

[8]  Francisco Herrera,et al.  Learning from Imbalanced Data Sets , 2018, Springer International Publishing.

[9]  Upasna Singh,et al.  Android Users Security via Permission Based Analysis , 2015, SSCC.

[10]  Mauro Conti,et al.  On defending against label flipping attacks on malware detection systems , 2019, Neural Computing and Applications.

[11]  Curtis Busby-Earle,et al.  Multi-Perspective Machine Learning a Classifier Ensemble Method for Intrusion Detection , 2017, ICMLSC.

[12]  Mark Stamp,et al.  Static and Dynamic Analysis of Android Malware , 2017, ICISSP.

[13]  Fabio Roli,et al.  Yes, Machine Learning Can Be More Secure! A Case Study on Android Malware Detection , 2017, IEEE Transactions on Dependable and Secure Computing.

[14]  Donato Malerba,et al.  A novel spectral-spatial co-training algorithm for the transductive classification of hyperspectral imagery data , 2017, Pattern Recognit..

[15]  Sergei Vassilvitskii,et al.  k-means++: the advantages of careful seeding , 2007, SODA '07.

[16]  Xingquan Zhu,et al.  Machine Learning for Android Malware Detection Using Permission and API Calls , 2013, 2013 IEEE 25th International Conference on Tools with Artificial Intelligence.

[17]  Ramón F. Brena,et al.  Multi-view stacking for activity recognition with sound and accelerometer data , 2018, Inf. Fusion.

[18]  Grigorios Tsoumakas,et al.  Discovering and Exploiting Deterministic Label Relationships in Multi-Label Learning , 2015, KDD.

[19]  Sakir Sezer,et al.  N-opcode analysis for android malware classification and categorization , 2016, 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security).

[20]  Ymir Vigfusson,et al.  PMDS: Permission-Based Malware Detection System , 2014, ICISS.

[21]  Herna L. Viktor,et al.  Transductive Relational Classification in the Co-training Paradigm , 2012, MLDM.

[22]  Shiliang Sun,et al.  Multiview Deep Learning , 2019, Multiview Machine Learning.

[23]  Yang Liu,et al.  A multi-view context-aware approach to Android malware detection and malicious code localization , 2017, Empirical Software Engineering.

[24]  Shiliang Sun,et al.  Multi-view learning overview: Recent progress and new challenges , 2017, Inf. Fusion.

[25]  Fengyu Wang,et al.  A Malware Detection Algorithm Based on Multi-view Fusion , 2010, ICONIP.

[26]  Muttukrishnan Rajarajan,et al.  Investigating the android intents and permissions for malware detection , 2014, 2014 IEEE 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[27]  Konrad Rieck,et al.  DREBIN: Effective and Explainable Detection of Android Malware in Your Pocket , 2014, NDSS.

[28]  V. Natarajan,et al.  Android based malware detection using a multifeature collaborative decision fusion approach , 2015, Neurocomputing.

[29]  Nic Herndon,et al.  Experimental Study with Real-world Data for Android App Security Analysis using Machine Learning , 2015, ACSAC.

[30]  P SomanK.,et al.  Deep-Net: Deep Neural Network for Cyber Security Use Cases , 2018, ArXiv.

[31]  Sakir Sezer,et al.  Android Malware Detection Using Parallel Machine Learning Classifiers , 2014, 2014 Eighth International Conference on Next Generation Mobile Apps, Services and Technologies.

[32]  Mansour Ahmadi,et al.  DroidSieve: Fast and Accurate Classification of Obfuscated Android Malware , 2017, CODASPY.

[33]  Purnima Bholowalia,et al.  EBK-Means: A Clustering Technique based on Elbow Method and K-Means in WSN , 2014 .

[34]  Donato Malerba,et al.  A Co-Training Strategy for Multiple View Clustering in Process Mining , 2016, IEEE Transactions on Services Computing.

[35]  Yajin Zhou,et al.  Dissecting Android Malware: Characterization and Evolution , 2012, 2012 IEEE Symposium on Security and Privacy.

[36]  Angelo Spognardi,et al.  SafeDroid: A Distributed Malware Detection Service for Android , 2016, 2016 IEEE 9th International Conference on Service-Oriented Computing and Applications (SOCA).

[37]  Nada Lavrac,et al.  Multi-view Approach to Parkinson's Disease Quality of Life Data Analysis , 2016, NFMCP@PKDD/ECML.

[38]  Jianguo Jiang,et al.  Using Multi-features and Ensemble Learning Method for Imbalanced Malware Classification , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[39]  Mohammed S. Alam,et al.  Random Forest Classification for Detecting Android Malware , 2013, 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing.

[40]  Mahdi Abadi,et al.  RAMD: registry-based anomaly malware detection using one-class ensemble classifiers , 2018, Applied Intelligence.

[41]  Yang Liu,et al.  Apk2vec: Semi-Supervised Multi-view Representation Learning for Profiling Android Applications , 2018, 2018 IEEE International Conference on Data Mining (ICDM).

[42]  Mark Last Multi-target Classification: Methodology and Practical Case Studies , 2016, ECML/PKDD.

[43]  Sakir Sezer,et al.  DL-Droid: Deep learning based android malware detection using real devices , 2019, Comput. Secur..

[44]  Roberto Baldoni,et al.  Survey on the Usage of Machine Learning Techniques for Malware Analysis , 2017, Comput. Secur..

[45]  Saso Dzeroski,et al.  An extensive experimental comparison of methods for multi-label learning , 2012, Pattern Recognit..

[46]  Saso Dzeroski,et al.  Tree ensembles for predicting structured outputs , 2013, Pattern Recognit..

[47]  Donato Malerba,et al.  Dealing with Class Imbalance in Android Malware Detection by Cascading Clustering and Classification , 2020, Complex Pattern Mining.

[48]  Xin Sun,et al.  Detection, Classification and Characterization of Android Malware Using API Data Dependency , 2015, SecureComm.

[49]  Ali Hamzeh,et al.  Evaluation of random forest classifier in security domain , 2017, Applied Intelligence.

[50]  Ming Fan,et al.  DAPASA: Detecting Android Piggybacked Apps Through Sensitive Subgraph Analysis , 2017, IEEE Transactions on Information Forensics and Security.

[51]  Yu Long,et al.  Android malicious code Classification using Deep Belief Network , 2018 .

[52]  David H. Wolpert,et al.  Stacked generalization , 1992, Neural Networks.

[53]  Abdullah Talha Kabakus,et al.  APK Auditor: Permission-based Android malware detection system , 2015, Digit. Investig..

[54]  Rishabh Kaushal,et al.  Malware detection in android based on dynamic analysis , 2017, 2017 International Conference on Cyber Security And Protection Of Digital Services (Cyber Security).

[55]  Junfeng Wang,et al.  Improving malware detection using multi-view ensemble learning , 2016, Secur. Commun. Networks.

[56]  Ali Dehghantanha,et al.  Machine learning aided Android malware classification , 2017, Comput. Electr. Eng..

[57]  Vipin Kumar Multi-view Ensemble Learning Using Optimal Feature Set Partitioning: An Extended Experiments and Analysis in Low Dimensional Scenario , 2015 .

[58]  Bintu Kadhiwala,et al.  Comparative Analysis of Android Malware Detection Techniques , 2017 .

[59]  Francesco Sergio Pisani,et al.  Evolving meta-ensemble of classifiers for handling incomplete and unbalanced datasets in the cyber security domain , 2016, Appl. Soft Comput..

[60]  Long Nguyen-Vu,et al.  Android Fragmentation in Malware Detection , 2019, Comput. Secur..