Abstract
The complexity and variety of malware are increasing dramatically, which makes detecting and classifying new and unknown malware much harder. Traditional approaches to malware detection are no longer effective, which has paved the way for adopting machine learning algorithms as a solution. Malware targeting Mac OS X devices is also rising significantly, driven by their growing market share. Consequently, in this paper, machine learning algorithms from five main categories (Decision Tree, Support Vector Machine (SVM), K-Nearest Neighbors (KNN), Ensemble and Logistic Regression) are adopted for detecting Mac OS X malware. Performance metrics and the Receiver Operating Characteristic (ROC) curve are used to evaluate these algorithms. In addition, a novel technique of treating library calls as independent features is employed. The results demonstrate that adding these new features increased the best accuracy obtained by about 4%, leading to an accuracy of 94.7% achieved by Subspace KNN, an Ensemble classifier.
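As an added illustration (not code from the chapter), the feature construction the abstract describes, one binary feature per imported library call, fed to a random-subspace KNN ensemble. The sample call sets, labels and hyperparameters (15 members, half of the features per member, k = 3) are constructed here and are not the chapter's data or settings.

```python
import random
from collections import Counter

# Constructed sample data (not from the chapter): each record is the set of
# library calls imported by one binary, plus a label (1 = malware, 0 = benign).
SAMPLES = [
    ({"_system", "_fork", "_ptrace", "_dlopen", "_getpid"}, 1),
    ({"_system", "_execve", "_ptrace", "_socket", "_connect"}, 1),
    ({"_fork", "_execve", "_dlopen", "_socket", "_chmod"}, 1),
    ({"_ptrace", "_dlopen", "_connect", "_chmod", "_getpid"}, 1),
    ({"_printf", "_malloc", "_free", "_strlen", "_fopen"}, 0),
    ({"_printf", "_malloc", "_memcpy", "_strlen", "_fclose"}, 0),
    ({"_malloc", "_free", "_memcpy", "_fopen", "_fread"}, 0),
    ({"_printf", "_free", "_strlen", "_fread", "_fclose"}, 0),
]

def build_vocabulary(samples):
    """Every distinct library call seen in the corpus becomes one feature."""
    return sorted({call for calls, _ in samples for call in calls})

def vectorize(calls, vocab):
    """Binary presence vector: each library call is an independent feature."""
    return [1 if call in calls else 0 for call in vocab]

def knn_predict(train, x, k, feature_idx):
    """Plain k-NN with Hamming distance, restricted to a feature subspace."""
    ranked = sorted(
        (sum(vx[i] != x[i] for i in feature_idx), y) for vx, y in train
    )
    votes = Counter(y for _, y in ranked[:k])
    return votes.most_common(1)[0][0]

def subspace_knn(train, x, n_members=15, subspace=0.5, k=3, seed=7):
    """Random-subspace ensemble: each member is a k-NN trained on its own
    random subset of the features; the odd member count avoids vote ties."""
    rng = random.Random(seed)
    n_feat = len(train[0][0])
    n_sub = max(1, int(n_feat * subspace))
    votes = Counter()
    for _ in range(n_members):
        idx = rng.sample(range(n_feat), n_sub)
        votes[knn_predict(train, x, k, idx)] += 1
    return votes.most_common(1)[0][0]

def classify(calls, samples=SAMPLES):
    """Vectorize an unseen binary's library calls and classify it."""
    vocab = build_vocabulary(samples)
    train = [(vectorize(c, vocab), y) for c, y in samples]
    return subspace_knn(train, vectorize(calls, vocab))
```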
Copyright information
© 2022 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Gharghasheh, S.E., Hadayeghparast, S. (2022). Mac OS X Malware Detection with Supervised Machine Learning Algorithms. In: Choo, KK.R., Dehghantanha, A. (eds) Handbook of Big Data Analytics and Forensics. Springer, Cham. https://doi.org/10.1007/978-3-030-74753-4_13
DOI: https://doi.org/10.1007/978-3-030-74753-4_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-74752-7
Online ISBN: 978-3-030-74753-4
eBook Packages: Computer Science, Computer Science (R0)