
2018 | OriginalPaper | Chapter

An Investigation of the Classifiers to Detect Android Malicious Apps

Authors: Ashu Sharma, Sanjay Kumar Sahay

Published in: Information and Communication Technology

Publisher: Springer Singapore


Abstract

The number of Android devices is growing exponentially, and these devices are connected through the Internet, accessing billions of online websites. The popularity of these devices encourages malware developers to penetrate the market with malicious apps to annoy and disrupt the victim. Although different approaches have been discussed for the detection of malicious apps, the proposed approaches are not sufficient to detect advanced malware and limit or prevent the damage. Among them, very few approaches are based on opcode occurrence to classify malicious apps. Therefore, this paper investigates five classifiers using opcode occurrence as the prominent features for the detection of malicious apps. For the analysis, we use the WEKA tool and find that the detection accuracy of FT (~79.27%) is the best among the investigated classifiers. However, the true positive rate, i.e. the malware detection rate, is highest (~99.91%) with RF, and it fluctuates least with the number of prominent features compared to the other studied classifiers. The analysis shows that overall accuracy is majorly affected by the false positives of the classifier.


Metadata

Title: An Investigation of the Classifiers to Detect Android Malicious Apps
Authors: Ashu Sharma, Sanjay Kumar Sahay
Copyright Year: 2018
Publisher: Springer Singapore
DOI: https://doi.org/10.1007/978-981-10-5508-9_20