Abstract
The increased usage and popularity of Android devices encourage malware developers to find new ways to launch malware, packaged in different forms inside different applications. This malware causes information leakage and monetary loss. For example, in Canada alone, McAfee surveyed 1,000 Canadians and found that 65% of them had lost more than $100, and almost a third had lost more than $500, to various cyber scams so far this year. Moreover, once a piece of software has been identified as malware, unethical developers repackage the detected sample and launch it again. Unfortunately, repackaged software mostly remains undetected. In this research three different tasks were done. Compared with existing work, we use source-code-based analysis with the bag-of-words algorithm in machine learning. By modifying the bag-of-words procedure and adding some additional preprocessing of the dataset, the evaluation results are 0.55% better than the existing work in this field. Repackaging was included in this evaluation, which is a new addition to this field of research. Moreover, in this research a vocabulary was also created to identify malicious code: to the 69 existing malicious patterns, 12 more malicious patterns were added. In addition to these two contributions, we have also implemented our model in a web application for testing. This paper presents a model that will help developers and antivirus vendors detect malware even when it has been repackaged. The vocabulary will also help to do so.
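The sketch below is an added illustration, not code from the paper: it shows why bag-of-words counts over a vocabulary of API patterns survive typical repackaging edits (renamed package, class and variables, reordered methods, junk comments). The vocabulary and the three source samples are assumptions constructed for this example, and the classifier that would be trained on such vectors is left out.

```python
import math, re
from collections import Counter

# Assumed vocabulary of real Android/Java API names, for illustration only;
# the paper's own pattern list is not given on this page.
VOCAB = ["sendTextMessage", "getDeviceId", "getSubscriberId",
         "DexClassLoader", "Runtime.getRuntime", "getInstalledPackages"]
TOKEN = re.compile(r"[A-Za-z_]\w*(?:\.[A-Za-z_]\w*)*")  # dotted identifiers

def bow_vector(src):
    """Bag-of-words counts over VOCAB; token order and other names are ignored."""
    src = re.sub(r"/\*.*?\*/", " ", src, flags=re.S)   # drop block comments
    src = re.sub(r"//[^\n]*", " ", src)                # drop line comments
    counts = Counter()
    for tok in TOKEN.findall(src):
        for pat in VOCAB:
            if f".{pat}." in f".{tok}.":               # whole-component match
                counts[pat] += 1
    return [counts[p] for p in VOCAB]

def cosine(a, b):
    norm = math.sqrt(sum(x * x for x in a)) * math.sqrt(sum(y * y for y in b))
    return sum(x * y for x, y in zip(a, b)) / norm if norm else 0.0

# Constructed samples: the second is the first with package, class and variable
# names changed, methods reordered and a junk comment added.
ORIGINAL = """
package com.example.flashlight;
public class Main {
    void a(TelephonyManager tm, SmsManager sms) {
        String id = tm.getDeviceId();
        sms.sendTextMessage("7777", null, id, null, null);
    }
    void b() throws Exception { Runtime.getRuntime().exec("ls"); }
}"""
REPACKAGED = """
package org.sample.torch;  // renamed
public class Q {
    /* getSubscriberId DexClassLoader: junk comment */
    void z() throws Exception { Runtime.getRuntime().exec("ls"); }
    void y(TelephonyManager p, SmsManager q) {
        String k = p.getDeviceId();
        q.sendTextMessage("7777", null, k, null, null);
    }
}"""
BENIGN = 'package com.example.notes;\nclass N { String t(String s) { return s.trim(); } }'
if __name__ == "__main__":
    print(cosine(bow_vector(ORIGINAL), bow_vector(REPACKAGED)))
    print(cosine(bow_vector(ORIGINAL), bow_vector(BENIGN)))
```

Because comments are stripped before counting, pattern names planted in a junk comment do not change the vector.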
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Hasan, M.R., Begum, A., Zamal, F.B., Rawshan, L., Bhuiyan, T. (2020). Android Malware Detection by Machine Learning Apprehension and Static Feature Characterization. In: Bhuiyan, T., Rahman, M.M., Ali, M.A. (eds) Cyber Security and Computer Science. ICONCS 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 325. Springer, Cham. https://doi.org/10.1007/978-3-030-52856-0_5
DOI: https://doi.org/10.1007/978-3-030-52856-0_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52855-3
Online ISBN: 978-3-030-52856-0
eBook Packages: Computer Science, Computer Science (R0)