SAME: An Intelligent Anti-malware Extension for Android ART Virtual Machine

It is well known that cyber criminal gangs are already using advanced and especially intelligent types of Android malware, in order to overcome the out-of-band security measures. This is done in order to broaden and enhance their attacks which mainly target financial and credit foundations and their transactions. It is a fact that most applications used under the Android system are written in Java. The research described herein, proposes the development of an innovative active security system that goes beyond the limits of the existing ones. The developed system acts as an extension on the ART (Android Run Time) Virtual Machine architecture, used by the Android Lolipop 5.0 version. Its main task is the analysis and classification of the Java classes of each application. It is a flexible intelligent system with low requirements in computational resources, named Smart Anti Malware Extension (SAME). It uses the biologically inspired Biogeography-Based Optimizer (BBO) heuristic algorithm for the training of a Multi-Layer Perceptron (MLP) in order to classify the Java classes of an application as benign or malicious. SAME was run in parallel with the Particle Swarm Optimization (PSO), Ant Colony Optimization (ACO) and Genetic Algorithm (GA) and it has shown its validity.