Skip to main content
SpringerLink
Log in

A new approach to android malware detection using fuzzy logic-based simulated annealing and feature selection

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

The use of smartphones with the Android operating system has been high in the last decade, with the transformation of works and services from traditional shape to mechanized and digitally, the percentage of use of smart devices will remain high. In such a situation, malware with malicious purposes will appear among the useful applications that will create insecure conditions for users of smart devices with the Android operating system. In this regard, to deal with malware and to improve malware detection, the simulated annealing algorithm has been used in the feature selection stage along with fuzzy logic in the neighbor generation stage to detect Android malware through machine learning algorithms. The proposed method has been tested in ten feature sets with 410 samples from the DREBIN dataset, 328 of which are benign apps and the rest are malware. The experimental results of this study show that the best result in feature selection with the proposed method with the KNN classifier and the set of permission features, with the number of features 1908, has been achieved 99.02% in the accuracy criterion. The results of the paper are better than many recent studies results are done.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Algorithm 1
Fig. 10
Fig. 11

Similar content being viewed by others

Data availability

The dataset analyzed during the current study is available from the corresponding author on reasonable request.

References

  1. Ali W (2019) Hybrid intelligent android malware detection using evolving support vector machine based on genetic algorithm and particle swarm optimization. Int J Comput Sci Netw Secur 19(9):15

    Google Scholar 

  2. Allix K, Bissyandé TF, Klein J, Le Traon Y (2016) Androzoo: Collecting millions of android apps for the research community. In2016 IEEE/ACM 13th Working Conference on Mining Software Repositories (MSR) (pp. 468–471). IEEE

  3. Arp D, Spreitzenbarth M, Hubner M, Gascon H, Rieck K, Siemens CE (2014) Drebin: Effective and explainable detection of android malware in your pocket. InNdss 14:23–26

  4. Bolón-Canedo V, Sánchez-Maroño N, Alonso-Betanzos A (2016) Feature selection for high-dimensional data. Prog Artif Intell 5(2):65–75. https://doi.org/10.1007/s13748-015-0080-y

    Article  Google Scholar 

  5. Chakravarty S (2020) Feature selection and evaluation of permission-based Android malware detection. In2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184) (pp. 795–799). IEEE. https://doi.org/10.1109/ICOEI48184.2020.9142929

  6. Chandrashekar G, Sahin F (2014) A survey on feature selection methods. Comput Electr Eng 40(1):16–28. https://doi.org/10.1016/j.compeleceng.2013.11.024

    Article  Google Scholar 

  7. Firdaus A, Anuar NB, Karim A, Razak MF (2018) Discovering optimal features using static analysis and a genetic search based method for Android malware detection. Front Inform Technol Electron Eng 19(6):712–736. https://doi.org/10.1631/FITEE.1601491

    Article  Google Scholar 

  8. IT threat evolution in Q2 2021. Available: https://securelist.com/it-threat-evolution-q2-2021-mobile-statistics/103636/. [Accessed 07 10 2021]

  9. Jadhav SD, Channe HP (2016) Comparative study of K-NN, naive Bayes and decision tree classification techniques. Int J Sci Res (IJSR) 5(1):1842–1845

    Article  Google Scholar 

  10. Karbab EB, Debbabi M, Derhab A, Mouheb D (2021) Android malware detection using machine learning: data-driven fingerprinting and threat intelligence. Springer, Cham

  11. Khalid S, Khalil T, Nasreen S (2014) A survey of feature selection and feature extraction techniques in machine learning. In 2014 science and information conference (pp. 372–378). IEEE. https://doi.org/10.1109/SAI.2014.6918213

  12. Lalaoui M, El Afia A, Chiheb R (2016) Hidden Markov model for a self-learning of simulated annealing cooling law. In 2016 5th international conference on multimedia computing and systems (ICMCS) (pp. 558–563). IEEE. https://doi.org/10.1109/ICMCS.2016.7905557

  13. Lalaoui M, El Afia A, Chiheb R (2018) Simulated annealing with adaptive neighborhood using fuzzy logic controller. In Proceedings of the International Conference on Learning and Optimization Algorithms: Theory and Applications (pp. 1–6). https://doi.org/10.1145/3230905.3230963

  14. Mat SR, Ab Razak MF, Kahar MN, Arif JM, Firdaus A (2021) A Bayesian probability model for Android malware detection. ICT Express. https://doi.org/10.1016/j.icte.2021.09.003

    Article  Google Scholar 

  15. McDonald JT, Herron N, Glisson WB, Benton RK (2021) Machine Learning-Based Android Malware Detection Using Manifest Permission. Proceedings of the 54th Hawaii International Conference on System Science. https://doi.org/10.24251/HICSS.2021.839

  16. Meike GB, Schiefer L (2021) Inside the android OS: building, customizing, managing and operating android system services (1st edn). Addison-Wesley Professional, Boston

  17. Meimandi A, Seyfari Y, Lotfi S (2020) Android malware detection using feature selection with hybrid genetic algorithm and simulated annealing. InProceedings of the 2020 IEEE 5th Conference on Technology In Electrical and Computer Engineering (ETECH 2020) Information and Communication Technology (ICT), Tehran, Iran

  18. Moradi P, Gholampour M (2016) A hybrid particle swarm optimization for feature subset selection by integrating a novel local search strategy. Appl Soft Comput 1(43):117–130. https://doi.org/10.1016/j.asoc.2016.01.044

    Article  Google Scholar 

  19. Permissions on Android. Available: https://developer.android.com/guide/topics/permissions/overview. [Accessed 07 10 2021]

  20. Platform Architecture. Available: https://developer.android.com/guide/platform. [Accessed 03 11 2021]

  21. Posario F, Thangadurai K (2016) Simulated Annealing Algorithm for Feature Selection. Int J Comput Technol. 15(2):6471–9. https://doi.org/10.24297/ijct.v15i2.565

    Article  Google Scholar 

  22. Şahin DÖ, Kural OE, Akleylek S, Kılıç E (2021) A novel permission-based Android malware detection system using feature selection based on linear regression. Neural Comput Appl 19:1–6. https://doi.org/10.1007/s00521-021-05875-1

    Article  Google Scholar 

  23. Suthaharan S (2016) Machine learning models and algorithms for big data classification. Integr Ser Inf Syst 36:1–2

    MathSciNet  Google Scholar 

  24. Tam K, Feizollah A, Anuar NB et al (2017) The Evolution of Android Malware and Android Analysis Techniques. ACM Comput Surv 49(4):76. https://doi.org/10.1145/3017427

    Article  Google Scholar 

  25. Thangavelooa R, Jinga WW, Lenga CK, Abdullaha J (2020) International Journal on Advanced Science. Eng Inf Technol 10(2):536–541. https://doi.org/10.18517/ijaseit.10.2.10238

    Article  Google Scholar 

  26. Van Laarhoven PJ, Aarts EH (1987) Simulated annealing. In Simulated annealing: Theory and applications (pp. 7–15). Springer, Dordrecht

  27. Wen L, Yu H (2017) An Android malware detection system based on machine learning. InAIP Conference Proceedings 1864(1):020136). AIP Publishing LLC. https://doi.org/10.1063/1.4992953

  28. Xue B, Zhang M, Browne WN, Yao X (2015) A survey on evolutionary computation approaches to feature selection. IEEE Trans Evol Comput 20(4):606–626. https://doi.org/10.1109/TEVC.2015.2504420

    Article  Google Scholar 

  29. Yildiz O, Doğru IA (2019) Permission-based android malware detection system using feature selection with genetic algorithm. Int J Software Eng Knowl Eng 29(02):245–262. https://doi.org/10.1142/S0218194019500116

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Engineering, University of Maragheh, Maragheh, Iran

    Yousef Seyfari

  2. Tabriz, Iran

    Akbar Meimandi

Authors
  1. Yousef Seyfari
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Akbar Meimandi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yousef Seyfari.

Ethics declarations

Conflicts of interests

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Additional information

Publisher's note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix

Appendix

In this section, the results of the confusion matrix and the number of features related to the ten executions of the feature set are listed alphabetically.

Table 6

Table 6 The confusion matrix of activity set
Full size table

Table 7

Table 7 The confusion matrix of API call set
Full size table

Table 8

Table 8 The confusion matrix of Call set
Full size table

Table 9

Table 9 The confusion matrix of feature set
Full size table

Table 10

Table 10 The confusion matrix of intent set
Full size table

Table 11

Table 11 The confusion matrix of permission set
Full size table

Table 12

Table 12 The confusion matrix of provider set
Full size table

Table 13

Table 13 The confusion matrix of real permission set
Full size table

Table 14

Table 14 The confusion matrix of service receiver set
Full size table

Table 15

Table 15 The confusion matrix of URL set
Full size table

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Seyfari, Y., Meimandi, A. A new approach to android malware detection using fuzzy logic-based simulated annealing and feature selection. Multimed Tools Appl 83, 10525–10549 (2024). https://doi.org/10.1007/s11042-023-16035-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-023-16035-z

Keywords

Search

Navigation