Bio-inspired Hybrid Intelligent Method for Detecting Android Malware

Today’s smartphones are capable of doing much more than the previous generation of mobile phones. However, this extended range of capabilities comes with some new security risks. Also, mobile platforms often contain small, insecure and less well-controlled applications from various individual developers. Due to the open usage model of the Android market, malicious applications cannot be avoided completely. In particular, pirated applications or multimedia content in popular demand, targeting user groups with typically low awareness levels, are predestined to spread to many devices before being identified as malware. Generally, malware applications that utilize root exploits to escalate their privileges can inject code and place binaries outside the application's storage locations. This paper proposes a novel approach, which uses minimal computational power and resources, to identify Android malware or malicious applications. It is a bio-inspired Hybrid Intelligent Method for Detecting Android Malware (HIMDAM). This approach performs classification by employing Extreme Learning Machines (ELM) in order to properly label malware applications. At the same time, Evolving Spiking Neural Networks (eSNNs) are used to increase the accuracy and generalization of the entire model.
