Android malware detection with ensemble of androidmanifest features
The popularity of Android Operating System rose gradually in the past years. Android becomes the first choice of the users in the second quarter of 2019 with more than 75 percent of worldwide market share. Furthermore, most of the users are keeping their personal information on their mobile devices....
Saved in:
Main Author: | |
---|---|
Format: | Thesis |
Language: | English |
Published: |
2019
|
Subjects: | |
Online Access: | http://psasir.upm.edu.my/id/eprint/83852/1/FSKTM%202019%2018%20-%20IR.pdf http://psasir.upm.edu.my/id/eprint/83852/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Putra Malaysia |
Language: | English |
Summary: | The popularity of Android Operating System rose gradually in the past years. Android becomes the first choice of the users in the second quarter of 2019 with more than 75 percent of worldwide market share. Furthermore, most of the users are keeping their personal information on their mobile devices. Consequently, Android is the main target of attackers on mobile and portable devices. In order to protect users’ privacy and data, numerous researches have been done with different approaches. There are two main methods for analyzing and investigating applications. The first one is a static analysis which is the most common method that extracts static features from Android Package (APK) files. AndroidManifest features are extracted from APK files for analyzing malware in this research. The second method is the dynamic analysis that collects data while operating the application in an isolated environment. Mostly, machine learning techniques are used in researches for classifying unknown samples. This study comes with a new framework which is named as a Composite of AndroidManifest Features (CAMF) to detect Android malware. In the proposed framework, three different static features are extracted like, requested permissions, hardware features, and intent-filters. A single merged feature vector is created from the feature matrix of each static feature. This vector is used as input data to our supervised machine learning models. As a result, CAMF framework minimizes the number of features to 141. Hence, it reduced the false negative rate to 1.201 percent in comparison to the previous study which is nearly 5 percent in their string feature analyzes. |
---|