Machine Learning-Based Malicious Application Detection of Android

In this paper, we propose a machine learning-based approach to detecting malware among Android applications. The approach is able to capture instantaneous attacks that previous work could not detect effectively. Based on the proposed approach, we implemented a malicious app detection tool named Androidetect. First, we analyze the relationship between system functions, sensitive permissions, and sensitive application programming interfaces (APIs). Combinations of system functions are used to describe application behaviors and to construct eigenvectors. Subsequently, based on these eigenvectors, we compare naive Bayes, the J48 decision tree, and the application functions decision algorithm in terms of how effectively they detect malicious Android applications. Androidetect is then applied to test sample programs and real-world applications. The experimental results prove that, by using a combination of system functions, Androidetect detects malicious Android applications better than previous work.
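The feature construction and the naive Bayes stage described above can be sketched as follows. This is an added example, not Androidetect's code. It assumes that a "combination" is an unordered pair of system functions observed in one app, that the classifier is a Bernoulli naive Bayes with Laplace smoothing, and that the function names and labelled samples are constructed for illustration.

```python
import math
from itertools import combinations

# Constructed training data (assumption): system functions observed per app,
# labelled 1 = malicious, 0 = benign. Names are illustrative only.
TRAIN = [
    ({"open", "read", "connect", "sendto"}, 1),
    ({"open", "read", "socket", "connect", "sendto"}, 1),
    ({"read", "connect", "sendto", "ioctl"}, 1),
    ({"open", "read", "write", "close"}, 0),
    ({"open", "write", "ioctl", "close"}, 0),
    ({"socket", "connect", "recvfrom", "close"}, 0),
]

def combos(funcs):
    """Every unordered pair of system functions seen in one app."""
    return set(combinations(sorted(funcs), 2))

def train(samples):
    """Fit a Bernoulli naive Bayes model over pair features (Laplace smoothing)."""
    vocab = sorted(set().union(*(combos(f) for f, _ in samples)))
    model = {"vocab": vocab, "prior": {}, "p": {}}
    for label in (0, 1):
        rows = [combos(f) for f, y in samples if y == label]
        model["prior"][label] = len(rows) / len(samples)
        # P(feature present | class), smoothed so no probability is 0 or 1
        model["p"][label] = {
            c: (sum(c in r for r in rows) + 1) / (len(rows) + 2) for c in vocab
        }
    return model

def log_scores(model, funcs):
    """Log joint probability of the app's binary feature vector per class."""
    present = combos(funcs)  # pairs never seen in training are ignored
    scores = {}
    for label in (0, 1):
        s = math.log(model["prior"][label])
        for c in model["vocab"]:
            p = model["p"][label][c]
            s += math.log(p if c in present else 1.0 - p)
        scores[label] = s
    return scores

def classify(model, funcs):
    """Return the label (1 = malicious, 0 = benign) with the higher score."""
    scores = log_scores(model, funcs)
    return max(scores, key=scores.get)

MODEL = train(TRAIN)
```

Absent pairs contribute to the score as well as present ones, so an app that lacks the pairs typical of the benign class is pushed toward the malicious label even before any network-related pair appears.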
