Advertisement

Characterization of Android Malware Families by a Reduced Set of Static Features

  • Javier Sedano
  • Camelia Chira
  • Silvia González
  • Álvaro Herrero
  • Emilio Corchado
  • José Ramón Villar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 527)

Abstract

Due to the ever increasing amount and severity of attacks aimed at compromising smartphones in general, and Android devices in particular, much effort have been devoted in recent years to deal with such incidents. However, accurate detection of bad-intentioned Android apps still is an open challenge. As a follow-up step in an ongoing research, preset paper explores the selection of features for the characterization of Android-malware families. The idea is to select those features that are most relevant for characterizing malware families. In order to do that, an evolutionary algorithm is proposed to perform feature selection on the Drebin dataset, attaining interesting results on the most informative features for the characterization of representative families of existing Android malware.

Keywords

Feature selection Genetic algorithm Android Malware families 

Notes

Acknowledgments

This research has been partially supported through the project of the Spanish Ministry of Economy and Competitiveness RTC-2014-3059-4. The authors would also like to thank the BIO/BU09/14 and the Spanish Ministry of Science and Innovation PID 560300-2009-11.

References

  1. 1.
  2. 2.
    AppBrain Stats. http://www.appbrain.com/stats/stats-index. Accessed 08 July 2016
  3. 3.
    Micro, T.: The Fine Line: 2016 Trend Micro Security Predictions (2015)Google Scholar
  4. 4.
    Mind the (Security) Gaps: The 1H 2015 Mobile Threat Landscape. http://www.trendmicro.com/vinfo/us/security/news/mobile-safety/mind-the-security-gaps-1h-2015-mobile-threat-landscape. Accessed 08 July 2016
  5. 5.
    F-Secure: Q1 2014 Mobile Threat Report (2015)Google Scholar
  6. 6.
    Yajin, Z., Xuxian, J.: Dissecting android malware: characterization and evolution. In: 2012 IEEE Symposium on Security and Privacy, pp. 95–109 (2012)Google Scholar
  7. 7.
    Spreitzenbarth, M., Echtler, F., Schreck, T., Freling, F.C., Hoffmann, J.: Mobile-sandbox: having a deeper look into android applications. In: 28th International ACM Symposium on Applied Computing (SAC) (2013)Google Scholar
  8. 8.
    Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., Rieck, K.: DREBIN: effective and explainable detection of android malware in your pocket. In: 21st Annual Network and Distributed System Security Symposium (2014)Google Scholar
  9. 9.
    Guyon, I., Elisseeff, A.: An introduction to variable and feature selection. J. Mach. Learn. Res. 3, 1157–1182 (2003)zbMATHGoogle Scholar
  10. 10.
    Larrañaga, P., Calvo, B., Santana, R., Bielza, C., Galdiano, J., Inza, I., Lozano, J.A., Armañanzas, R., Santafé, G., Pérez, A.: Machine learning in bioinformatics. Briefings Bioinform. 7, 86–112 (2006)CrossRefGoogle Scholar
  11. 11.
    Ding, C., Peng, H.: Minimum redundancy feature selection from microarray gene expression data. J. Bioinform. Comput. Biol. 3, 185–205 (2005)CrossRefGoogle Scholar
  12. 12.
    Liu, H., Liu, L., Zhang, H.: Ensemble gene selection by grouping for microarray data classification. J. Biomed. Inform. 43, 81–87 (2010)CrossRefGoogle Scholar
  13. 13.
    Feizollah, A., Anuar, N.B., Salleh, R., Wahab, A.W.A.: A review on feature selection in mobile malware detection. Digit. Invest. 13, 22–37 (2015)CrossRefGoogle Scholar
  14. 14.
    Hyo-Sik, H., Mi-Jung, C.: Analysis of android malware detection performance using machine learning classifiers. In: 2013 International Conference on ICT Convergence (2013), pp. 490–495Google Scholar
  15. 15.
    Shabtai, A., Elovici, Y.: Applying behavioral detection on android-based devices. In: Magedanz, T., Li, M., Xia, J., Giannelli, C., Cai, Y. (eds.) Mobilware 2010. LNICST, vol. 48, pp. 235–249. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Shabtai, A., Fledel, Y., Elovici, Y.: Automated static code analysis for classifying android applications using machine learning. In: 2010 International Conference on Computational Intelligence and Security, pp. 329–333 (2010)Google Scholar
  17. 17.
    Vinod, P., Laxmi, V., Gaur, M.S., Naval, S., Faruki, P.: MCF: multicomponent features for malware analysis. In: 27th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 1076–1081 (2013)Google Scholar
  18. 18.
    Battista, P., Mercaldo, F., Nardone, V., Santone, A., Visaggio, C.: Identification of android malware families with model checking. In: 2nd International Conference on Information Systems Security and Privacy (2016)Google Scholar
  19. 19.
    Sedano, J., Chira, C., González, S., Herrero, Á., Corchado, E., Villar, J.R.: On the selection of key features for android malware characterization. In: Herrero, Á., Baruque, B., Sedano, J., Quintián, H., Corchado, E. (eds.) International Joint Conference. AISC, vol. 369, pp. 167–176. Springer, Heidelberg (2015)CrossRefGoogle Scholar
  20. 20.
    Virus Total. https://www.virustotal.com. Accessed 08 July 2016

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Javier Sedano
    • 1
  • Camelia Chira
    • 2
  • Silvia González
    • 1
  • Álvaro Herrero
    • 3
  • Emilio Corchado
    • 4
  • José Ramón Villar
    • 5
  1. 1.Instituto Tecnológico de Castilla y LeónBurgosSpain
  2. 2.Department of Computer ScienceUniversity of Cluj-NapocaCluj-NapocaRomania
  3. 3.Department of Civil EngineeringUniversity of BurgosBurgosSpain
  4. 4.Department of Computer Science and AutomationUniversity of SalamancaSalamancaSpain
  5. 5.Computer Science DepartmentUniversity of OviedoOviedoSpain

Personalised recommendations