Top

Published in:

2021 | OriginalPaper | Chapter

Identification of Significant Permissions for Efficient Android Malware Detection

Authors : Hemant Rathore, Sanjay K. Sahay, Ritvik Rajvanshi, Mohit Sewak

Published in: Broadband Communications, Networks, and Systems

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Since Google unveiled Android OS for smartphones, malware are thriving with 3Vs, i.e. volume, velocity and variety. A recent report indicates that one out of every five business/industry mobile application leaks sensitive personal data. Traditional signature/heuristic based malware detection systems are unable to cope up with current malware challenges and thus threaten the Android ecosystem. Therefore recently researchers have started exploring machine learning and deep learning based malware detection systems. In this paper, we performed a comprehensive feature analysis to identify the significant Android permissions and propose an efficient Android malware detection system using machine learning and deep neural network. We constructed a set of 16 permissions (\(8\%\) of the total set) derived from variance threshold, auto-encoders, and principal component analysis to build a malware detection engine which consumes less train and test time without significant compromise on the model accuracy. Our experimental results show that the Android malware detection model based on the random forest classifier is most balanced and achieves the highest area under curve score of \(97.7\%\), which is better than the current state-of-art systems. We also observed that deep neural networks attain comparable accuracy to the baseline results but with a massive computational penalty.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Constructing a Green MPTCP Framework for Industrial Internet of Things Applications

next chapter Energy Efficiency Optimization for RF Energy Harvesting Relay System

https://www.trendmicro.com/vinfo/us/threat-encyclopedia/archive/malware/creeper.472.b.

https://www.f-secure.com/v-descs/cabir_dropper.shtml.

https://attack.mitre.org/.

https://developer.android.com/guide/topics/permissions/overview.

https://play.google.com/store.

https://www.virustotal.com/gui/home/upload.

https://ibotpeaches.github.io/Apktool/.

https://developer.android.com/reference/android/Manifest.permission.

Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K., Siemens, C.: Drebin: effective and explainable detection of android malware in your pocket. NDSS Symp. 14, 23–26 (2014)

Daniel, W., Liu, X., Nusaputra, C., Hu, B., Wang, Y., Xing, M.: Strategies in improving android security. In: Pacific Asia Conference on Information Systems (PACIS) (2014). https://aisel.aisnet.org/pacis2014/275

Enck, W., Gilbert, P., Han, S., Tendulkar, V., Chun, B.G., Cox, L.P., Jung, J., McDaniel, P., Sheth, A.N.: Taintdroid: an information-flow tracking system for realtime privacy monitoring on smartphones. ACM Trans. Comput. Syst. (TOCS) 32(2), 1–29 (2014)CrossRef

Faruki, P., Bharmal, A., Laxmi, V., Ganmoor, V., Gaur, M.S., Conti, M., Rajarajan, M.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tutorials 17(2), 998–1022 (2014)CrossRef

G DATA: Cyber attacks on Android devices on the rise (2018). https://www.gdatasoftware.com/blog/2018/11/31255-cyber-attacks-on-android-devices-on-the-rise. Accessed May 2020

Harris, M.A., Brookshire, R., Patten, K., Regan, B.: Mobile application installation influences: have mobile device users become desensitized to excessive permission requests. In: Americas Conference on Information Systems (AMCIS), pp. 13–15 (2015).https://aisel.aisnet.org/amcis2015/ISSecurity/GeneralPresentations/4/

Hicks, C., Dietrich, G.: An exploratory analysis in android malware trends. Americas Conference on Information Systems (AMCIS) (2016). https://aisel.aisnet.org/amcis2016/ISSec/Presentations/35/

Hou, S., Saas, A., Ye, Y., Chen, L.: DroidDelver: an android malware detection system using deep belief network based on API call blocks. In: Song, S., Tong, Y. (eds.) WAIM 2016. LNCS, vol. 9998, pp. 54–66. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47121-1_5CrossRef

Kemp, S.: GLOBAL DIGITAL REPORT (2018). https://digitalreport.wearesocial.com/. Accessed May 2020

10.

Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine-learning-based android malware detection. IEEE Trans. Ind. Inf. 14(7), 3216–3225 (2018)CrossRef

11.

Li, W., Wang, Z., Cai, J., Cheng, S.: An android malware detection approach using weight-adjusted deep learning. In: International Conference on Computing, Networking and Communications (ICNC), pp. 437–441. IEEE (2018)

12.

Lindorfer, M., Neugschwandtner, M., Weichselbaum, L., Fratantonio, Y., Van Der Veen, V., Platzer, C.: Andrubis-1,000,000 apps later: a view on current Android malware behaviors. In: IEEE BADGERS, pp. 3–17. IEEE (2014)

13.

McAfee: McAfee Labs Threats Report: December 2018, January 2019. https://www.mcafee.com/enterprise/en-us/assets/reports/rp-quarterly-threats-dec-2018.pdf. Accessed May 2020

14.

Nguyen, T., McDonald, J.T., Glisson, W.B.: Exploitation and detection of a malicious mobile application. In: Hawaii International Conference on System Sciences (HICSS) (2017). https://aisel.aisnet.org/hicss-50/st/mobile_app_development/4

15.

Patri, O., Wojnowicz, M., Wolff, M.: Discovering malware with time series shapelets. In: Hawaii International Conference on System Sciences (HICSS) (2017). https://aisel.aisnet.org/hicss-50/st/digital_forensics/4

16.

Rhue, L.: Beauty’s in the AI of the beholder: how AI anchors subjective and objective predictions. In: International Conference on Information Systems (ICIS) (2019). https://aisel.aisnet.org/icis2019/future_of_work/future_work/15/

17.

O’Dea, S.: Global smartphone shipments forecast from 2010 to 2019 (2016). http://www.statista.com/statistics/263441/global-smartphone-shipments-forecast/. Accessed May 2020

18.

Sahay, S.K., Sharma, A., Rathore, H.: Evolution of malware and its detection techniques. In: Tuba, M., Akashe, S., Joshi, A. (eds.) Information and Communication Technology for Sustainable Development. AISC, vol. 933, pp. 139–150. Springer, Singapore (2020). https://doi.org/10.1007/978-981-13-7166-0_14CrossRef

19.

Sarma, B.P., Li, N., Gates, C., Potharaju, R., Nita-Rotaru, C., Molloy, I.: Android permissions: a perspective combining risks and benefits. In: ACM symposium on Access Control Models and Technologies (SACMAT), pp. 13–22 (2012)

20.

Sewak, M., Sahay, S.K., Rathore, H.: Comparison of deep learning and the classical machine learning algorithm for the malware detection. In: 19th IEEE/ACIS SNPD, pp. 293–296. IEEE (2018)

21.

Sewak, M., Sahay, S.K., Rathore, H.: Deepintent: implicitintent based android ids with e2e deep learning architecture. In: 2020 IEEE 31st Annual International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 1–6. IEEE (2020)

22.

Sharma, A., Sahay, S.K.: An investigation of the classifiers to detect android malicious apps. In: Information and Communication Technology, pp. 207–217. Springer (2018)

23.

Symantec: Internet Security Threat Report (2019). https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf. Accessed May 2020

24.

Tam, K., Feizollah, A., Anuar, N.B., Salleh, R., Cavallaro, L.: The evolution of android malware and android analysis techniques. ACM Comput. Surv. (CSUR) 49(4), 1–41 (2017)CrossRef

25.

Tao, G., Zheng, Z., Guo, Z., Lyu, M.R.: Malpat: mining patterns of malicious and benign android apps via permission-related APIS. IEEE Trans. Reliab. 67(1), 355–369 (2017)CrossRef

26.

Wang, Z., Cai, J., Cheng, S., Li, W.: DroidDeepLearner: identifying android malware using deep learning. In: IEEE 37th Sarnoff Symposium, pp. 160–165. IEEE (2016)

27.

Wu, D.J., Mao, C.H., Wei, T.E., Lee, H.M., Wu, K.P.: Droidmat: android malware detection through manifest and API calls tracing. In: Asia Joint Conference on Information Security, pp. 62–69. IEEE (2012)

28.

Ye, Y., Li, T., Adjeroh, D., Iyengar, S.S.: A survey on malware detection using data mining techniques. ACM Comput. Surv. 50(3), 1–40 (2017)CrossRef

29.

Zhou, Y., Jiang, X.: Dissecting android malware: characterization and evolution. In: IEEE Symposium on Security and Privacy (IEEE S&P), pp. 95–109 (2012)

Title: Identification of Significant Permissions for Efficient Android Malware Detection
Authors: Hemant Rathore
Sanjay K. Sahay
Ritvik Rajvanshi
Mohit Sewak
Publisher: Springer International Publishing
Book: Broadband Communications, Networks, and Systems
Print ISBN: 978-3-030-68736-6

Electronic ISBN: 978-3-030-68737-3

Copyright Year: 2021
DOI: https://doi.org/10.1007/978-3-030-68737-3_3

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner