Clustering Android Applications Using K-Means Algorithm Using Permissions
In the field of mobile security, Android malware is well known as a problem that can never be finally solved, despite the many solutions that researchers have proposed over time. The cause is the evolution and development of the techniques attackers use in their malware code to defeat anti-malware and malware detection techniques: hiding the real behavior of the malware while it is being scanned, and obfuscating its source code, which makes it difficult for researchers to view the source code of a malicious application in order to analyze its elements and the features it requires. The evolution of these malicious techniques makes the proposed solutions, even those using the newest machine learning and reverse engineering technologies, more limited over time in detecting malware, especially newly released samples. For this reason, the main objective of researchers in this field is to find new solutions that can keep up with this evolution. In this paper we propose an approach that clusters Android applications into malware or benign using permissions as features, in order to detect malware in Android applications, applying filter feature selection algorithms to select features and the k-means machine learning algorithm for clustering.
Keywords: Malicious application, Permission, Clustering, Feature selection, Machine learning, Static analysis, Android malware, Detection, Mobile security
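The pipeline the abstract describes (permission vectors, a filter feature selection step, then k-means with two clusters), as an added sketch that is not the paper's code. The app names and permission sets are constructed, the variance filter stands in for the filter algorithms the paper does not name here, and the deterministic farthest-point initialisation is an assumption made so the run is repeatable.

```python
from collections import Counter

# Constructed sample: app -> requested permissions (short names, android.permission.* prefix omitted).
APPS = {
    "notes":      {"INTERNET", "WRITE_EXTERNAL_STORAGE"},
    "weather":    {"INTERNET", "ACCESS_FINE_LOCATION"},
    "flashlight": {"INTERNET", "CAMERA"},
    "gallery":    {"INTERNET", "CAMERA", "WRITE_EXTERNAL_STORAGE"},
    "sms_trojan": {"INTERNET", "SEND_SMS", "READ_SMS", "RECEIVE_SMS", "READ_CONTACTS"},
    "spy_app":    {"INTERNET", "READ_SMS", "RECEIVE_SMS", "READ_CONTACTS", "ACCESS_FINE_LOCATION"},
    "dialer_bot": {"INTERNET", "SEND_SMS", "READ_SMS", "READ_CONTACTS", "CAMERA"},
}

def select_features(apps, min_var=0.1):
    """Assumed filter: keep permissions whose 0/1 variance p*(1-p) is at least min_var."""
    n = len(apps)
    counts = Counter(p for perms in apps.values() for p in perms)
    return sorted(p for p, c in counts.items() if (c / n) * (1 - c / n) >= min_var)

def vectorize(apps, features):
    return {a: [1.0 if f in perms else 0.0 for f in features] for a, perms in apps.items()}

def dist2(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def kmeans(vectors, k=2, iters=20):
    """Lloyd's algorithm; returns app -> cluster index (clusters carry no label)."""
    names = sorted(vectors)
    centroids = [vectors[names[0]]]
    while len(centroids) < k:  # farthest-point init: next seed is the point least like the seeds
        centroids.append(max((vectors[n] for n in names),
                             key=lambda v: min(dist2(v, c) for c in centroids)))
    assign = {}
    for _ in range(iters):
        new = {n: min(range(k), key=lambda i: dist2(vectors[n], centroids[i])) for n in names}
        if new == assign:  # converged: no app changed cluster
            break
        assign = new
        for i in range(k):
            members = [vectors[n] for n in names if assign[n] == i]
            if members:  # keep the old centroid if a cluster empties
                centroids[i] = [sum(col) / len(members) for col in zip(*members)]
    return assign

def cluster_apps(apps):
    feats = select_features(apps)
    return kmeans(vectorize(apps, feats), k=2)
```

The filter drops `INTERNET` because every sample app requests it, so it cannot separate the groups. Deciding which of the two clusters is the malware one still needs known samples or analyst review.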
The authors are using this opportunity to express their gratitude to the AMD Project for sharing their Android malware samples with us, which helps us a lot to evaluate the proposed approach and realize the experiment of this research work.