Malware Detection and Classification on Different Dataset by Hybridization of CNN and Machine Learning
Keywords:
Android, Cybersecurity, Deep learning, Malware, Machine learnings Optimization, Weighted FeaturesAbstract
Malware has long been employed in cyberattacks. Due to their widespread usage, malicious software developers target Android smartphones, which may store a lot of sensitive data. As the main mobile OS, Android has always attracted malware developers. Thus, several Android malware species target susceptible people everyday, making manual malware analysis unfeasible. ML and DL methods for malware identification and categorization might help cyber forensic investigators curb the spread of malicious software. Applying DL methods helps safeguard applications. Cybersecurity issues including intrusion detection, malware classification and identification, phishing and spam detection, and spam recognition have been addressed using DL approaches. ECNN uses the BP (Back Propagation) model for every layer between several intermediate layers, making it faster and more accurate than other methods. SVM Learning with Weighted Features and CNN with SGD optimization for static analysis of mobile apps are presented in this research. The ECNN model has the highest accuracy of 96.92, 96.14, and 95.8 for Android Malware Dataset-1, 2, and 3. On the three datasets, the ECNN model has 96%, 94%, and 94% precision. Smartphone malware analysis is faster and more accurate using this method.
Downloads
References
S. K. Sasidharan and C. Thomas, “Prodroid-an an droid malware detection framework based on profile hid- den markov model,” Pervasive and Mobile Computing, vol. 72, pp. 101 336–101 336, 2021.
L. N. Vu and S. Jung, “Admat: A cnn-on-matrix approach to android malware detection and classification,” IEEE Access, vol. 9, pp. 39–680, 2021.
Thakkar, A.; Lohiya, R. A Review on Machine Learning and Deep Learning Perspectives of IDS for IoT: Recent Updates, Security Issues, and Challenges; Springer: Dordrecht, The Netherlands, 2021; Volume 28, pp. 3211–3243. [CrossRef] 10.1007/s11831-020-09496-0
Gowdhaman, V.; Dhanapal, R. An intrusion detection system for wireless sensor networks using deep neural network. Soft Comput. 2021, 26, 13059–13067. 10.1007/s00500-021-06473-y
Liu, K.; Xu, S.; Xu, G.; Zhang, M.; Sun, D.; Liu, H. A review of android malware detection approaches based on machine learning. IEEE Access 2020, 8, 124579–124607. 10.1109/ACCESS.2020.3006143
Bovenzi, G.; Persico, V.; Pescapé, A.; Piscitelli, A.; Spadari, V. Hierarchical Classification of Android Malware Traffic. In Proceedings of the 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Wuhan, China, 9–11 December 2022; pp. 1354–1359. 10.1109/TrustCom56396.2022.00191
D. O. S¸ahın, S. Akleylek, and E. Kili¸c, “Linregdroid: Detection of android malware us- ing multiple linear re- gression models-based classifiers,” IEEE Access, vol. 10, pp. 14–246, 2022.
Y. Hei, R. Yang, H. Peng, L. Wang, X. Xu, J. Liu, H. Liu, J. Xu, and L. Sun, “Hawk: Rapid android malware detection through heterogeneous graph attention networks,” IEEE Transactions on Neural Networks and Learning Systems, 2021.
S. S. Vanjire and M. Lakshmi, “Mdta: A new approach of supervised machine learning for android malware detection and threat attribution using behavioral reports,” Mobile Computing and Sustainable Informatics, pp. 147– 159, 2022.
Karbab, E.M.B.; Debbabi, M.; Derhab, A.; Mouheb, D. MalDozer: Automatic framework for android malware detection using deep learning. Digit. Investig. 2018, 24, S48–S59. 10.1016/j.diin.2018.01.007
S.Y. Yerima, S. Khan, Longitudinal performance analysis of machine learning based Android malware detectors, in: 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security), IEEE, 2019, pp. 1–8.
J. Garcia, M. Hammad, S. Malek, Lightweight, obfuscation-resilient detection and family identification of android malware, ACM Trans. Software Eng. Methodol. 26 (3) (2018) 1–29
K.G. Kumar, Efficient android malware scanner using hybrid analysis, Int. J. Recent Technol. Eng. 7 (2019) 76–80
D. Teubert, J. Krude, S. Schueppen, U. Meyer, Hugin: a scalable hybrid android malware detection system, in: SECURWARE 2017: the Eleventh International Conference on Emerging Security Information, Systems and Technologies, 2017, pp. 168–176.
N. Daoudi, J. Samhi, A. K. Kabore, K. Allix, T. F. B. e, and J. Klein, “Dexray: A simple, yet effective deep learning approach to android malware detection based on image representation of bytecode,” International Work- shop on Deployable Machine Learning
H.Bai, N. Xie, X. Di, and Q. Ye, “Famd: A fast mul- tifeature android malware detection framework, design and implementation,” IEEE Access, vol. 8, pp. 194–729, 2020
A. Mehtab, W. B. Shahid, T. Yaqoob, M. F. Amjad, H. Abbas, H. Afzal, and M. N. Saqib, “Addroid: rule- based machine learning framework for android malware analysis,” Mobile Networks and Applications, vol. 25, no. 1, pp. 180–192, 2020.
L. Cai, Y. Li, Z. Xiong, and Jowmdroid, “Android mal- ware detection based on feature weighting with joint op- timization of weight-mapping and classifier parameters,” Computers & Security, vol. 100, pp. 102 086–102 086, 2021.
S. I. Imtiaz, S. U. Rehman, A. R. Javed, Z. Jalil, X. Liu, and W. S. Alnumay, “Deepamd: Detection and identi- fication of android malware using high-efficient deep artificial neural network,” Future Generation computer systems, vol. 115, pp. 844–856, 2021.
W. Zhang, H. Wang, H. He, and P. Liu, “Damba: detect- ing android malware by orgb analysis,” IEEE Transac- tions on Reliability, vol. 69, no. 1, pp. 55–69, 2020.
H. Gao, S. Cheng, and W. Zhang, “Gdroid: Android malware detection and classification with graph convo- lutional network,” Computers & Security, vol. 106, pp. 102 264–102 264, 2021.
A. Guerra-Manzanares, H. Bahsi, and S. N. omm, “Kron-odroid Time-based hybrid- featured dataset for effective android malware detection and characterization,” Com- puters & Security, vol. 110, pp. 102 399–102 399, 2021.
Y. Ban, S. Lee, D. Song, H. Cho, and J. H. Yi, “Fam: Featuring android malware for deep learning-based fa- milial analysis,” IEEE Access, vol. 10, pp. 20–28, 2022.
H. Cai and B. G. Ryder, “Droidfax: A toolkit for system- atic characterization of android applications,” 2017 IEEE International Conference on Software Maintenance and Evo- lution (ICSME), pp. 643–647, 2017.
E. Mariconti, L. Onwuzurike, P. Andriotis, E. D. Cristo- faro, G. Ross, G. Stringh-Ini, and . . Mamadroid, 2016.
K. Xu, Y. Li, R. Deng, K. Chen, and J. Xu, “Droide- volver: Self-evolving android mal- ware detection sys- tem,” 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 47–62, 2019.
W. Li, X. Fu, and H. Cai, “Androct: Ten years of app call traces in android,” 2021 IEEE/ACM 18th International Conference on Mining Software Repositories (MSR), pp. 570–574, 2021.
N. R. Surendran, T. Thomas, and S. Emmanuel, “Gsdroid: Graph signal based compact feature representation for android malware detection,” Expert Systems with Appli- cations, vol. 159, pp. 113 581–113 581,2020.
E. B. Karbab and M. Debbabi, “Petadroid: Adaptive android malware detection using deep learning,” In- ternational Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 319–340, 2021.
Zhao, X.; Fang, J.; Wang, X. Android malware detection based on permissions. In Proceedings of the ICICT 2014, Nanjing, China, 2 October 2014. 10.1049/cp.2014.0605
Emanuelsson, P.; Nilsson, U. A comparative study of industrial static analysis tools. Electron. Notes Theor. Comput. Sci. 2008, 217, 5–21. 10.1016/j.entcs.2008.06.039
15. Wang, W.; Zhao, M.; Wang, J. Effective android malware detection with a hybrid model based on deep autoencoder and convolutional neural network. J. Ambient. Intell. Humaniz. Comput. 2019, 10, 3035–3043. 10.1007/s12652-018-0803-6
Raymer, M.L.; Punch, W.F.; Goodman, E.D.; Kuhn Leslie, A.; Jain, A.K. Dimensionality reduction using genetic algorithms. IEEE Trans. Evol. Comput. 2000, 4, 164–171. 10.1109/4235.850656
Bhattacharya, A.; Goswami, R.T.; Mukherjee, K. A feature selection technique based on rough set and improvised PSO algorithm (PSORS-FS) for permission based detection of Android malwares. Int. J. Mach. Learn. Cybern. 2018, 10, 1893–1907. 10.1007/s13042-018-0838-1
Han, J.C., Sanchez, R., Hu, X.H.,: Feature Selection Based on Relative Attribute Dependency: An Experimental Study. RSFDGrC’05, I, LNAI. 3641 (2005) 214-223.
Hu, K., Lu, Y., Shi, C.: Feature Ranking in Rough Sets. AI Communications. 16 (2003) 41-50
Yao, J.T., Zhang, M.: Feature Selection with Adjustable Criteria. RSFDGrC’05, I, LNAI. 3641 (2005) 204–213.
Boiy, M.-F. Moens, A machine learning approach to sentiment analysis in multilingual web texts. Information retrieval 12(5), 526–558 (2009)
Ö. Aslan and A. A. Yilmaz, "A New Malware Classification Framework Based on Deep Learning Algorithms," in IEEE Access, vol. 9, pp. 87936-87951, 2021, doi: 10.1109/ACCESS.2021.3089586
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
