Identification of Significant Permissions for Efficient Android Malware Detection
- URL: http://arxiv.org/abs/2103.00643v1
- Date: Sun, 28 Feb 2021 22:07:08 GMT
- Title: Identification of Significant Permissions for Efficient Android Malware Detection
- Authors: Hemant Rathore, Sanjay K. Sahay, Ritvik Rajvanshi, Mohit Sewak
- Abstract summary: One out of every five business/industry mobile applications leaks sensitive personal data.
Traditional signature/heuristic-based malware detection systems are unable to cope with current malware challenges.
We propose an efficient Android malware detection system using machine learning and deep neural network.
- Score: 2.179313476241343
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Since Google unveiled Android OS for smartphones, malware are thriving with
3Vs, i.e. volume, velocity, and variety. A recent report indicates that one out
of every five business/industry mobile applications leaks sensitive personal
data. Traditional signature/heuristic-based malware detection systems are
unable to cope with current malware challenges and thus threaten the Android
ecosystem. Therefore recently researchers have started exploring machine
learning and deep learning based malware detection systems. In this paper, we
performed a comprehensive feature analysis to identify the significant Android
permissions and propose an efficient Android malware detection system using
machine learning and deep neural network. We constructed a set of $16$
permissions ($8\%$ of the total set) derived from variance threshold,
auto-encoders, and principal component analysis to build a malware detection
engine that consumes less train and test time without significant compromise on
the model accuracy. Our experimental results show that the Android malware
detection model based on the random forest classifier is most balanced and
achieves the highest area under curve score of $97.7\%$, which is better than
the current state-of-art systems. We also observed that deep neural networks
attain comparable accuracy to the baseline results but with a massive
computational penalty.
Related papers
- MASKDROID: Robust Android Malware Detection with Masked Graph Representations [56.09270390096083]
We propose MASKDROID, a powerful detector with a strong discriminative ability to identify malware.
We introduce a masking mechanism into the Graph Neural Network based framework, forcing MASKDROID to recover the whole input graph.
This strategy enables the model to understand the malicious semantics and learn more stable representations, enhancing its robustness against adversarial attacks.
arXiv Detail & Related papers (2024-09-29T07:22:47Z)
- Unraveling the Key of Machine Learning Solutions for Android Malware Detection [33.63795751798441]
This paper presents a comprehensive investigation into machine learning-based Android malware detection.
We first survey the literature, categorizing contributions into a taxonomy based on the Android feature engineering and ML modeling pipeline.
Then, we design a general-purpose framework for ML-based Android malware detection, re-implement 12 representative approaches from different research communities, and evaluate them from three primary dimensions, i.e. effectiveness, robustness, and efficiency.
arXiv Detail & Related papers (2024-02-05T12:31:19Z)
- Can you See me? On the Visibility of NOPs against Android Malware Detectors [1.2187048691454239]
This paper proposes a visibility metric that assesses the difficulty in spotting NOPs and similar non-operational codes.
We tested our metric on a state-of-the-art, opcode-based deep learning system for Android malware detection.
arXiv Detail & Related papers (2023-12-28T20:48:16Z)
- DRSM: De-Randomized Smoothing on Malware Classifier Providing Certified Robustness [58.23214712926585]
We develop a certified defense, DRSM (De-Randomized Smoothed MalConv), by redesigning the de-randomized smoothing technique for the domain of malware detection.
Specifically, we propose a window ablation scheme to provably limit the impact of adversarial bytes while maximally preserving local structures of the executables.
We are the first to offer certified robustness in the realm of static detection of malware executables.
arXiv Detail & Related papers (2023-03-20T17:25:22Z)
- Towards a Fair Comparison and Realistic Design and Evaluation Framework of Android Malware Detectors [63.75363908696257]
We analyze 10 influential research works on Android malware detection using a common evaluation framework.
We identify five factors that, if not taken into account when creating datasets and designing detectors, significantly affect the trained ML models.
We conclude that the studied ML-based detectors have been evaluated optimistically, which justifies the good published results.
arXiv Detail & Related papers (2022-05-25T08:28:08Z)
- Fast & Furious: Modelling Malware Detection as Evolving Data Streams [6.6892028759947175]
Malware is a major threat to computer systems and imposes many challenges to cyber security.
In this work, we evaluate the impact of concept drift on malware classifiers for two Android datasets.
arXiv Detail & Related papers (2022-05-24T18:43:40Z)
- Mate! Are You Really Aware? An Explainability-Guided Testing Framework for Robustness of Malware Detectors [49.34155921877441]
We propose an explainability-guided and model-agnostic testing framework for robustness of malware detectors.
We then use this framework to test several state-of-the-art malware detectors' abilities to detect manipulated malware.
Our findings shed light on the limitations of current malware detectors, as well as how they can be improved.
arXiv Detail & Related papers (2021-11-19T08:02:38Z)
- GANG-MAM: GAN based enGine for Modifying Android Malware [1.6799377888527687]
Malware detectors based on machine learning are vulnerable to adversarial attacks.
We propose a system that produces a feature vector for making an Android malware strongly evasive and then modify the malicious program accordingly.
arXiv Detail & Related papers (2021-09-27T18:36:20Z)
- Android Malware Category and Family Detection and Identification using Machine Learning [0.0]
We present two machine-learning approaches for Dynamic Analysis of Android Malware.
Our approach achieves more than 96% accuracy in Android Malware Category detection and more than 99% accuracy in Android Malware Family detection.
arXiv Detail & Related papers (2021-07-05T10:48:40Z)
- Being Single Has Benefits. Instance Poisoning to Deceive Malware Classifiers [47.828297621738265]
We show how an attacker can launch a sophisticated and efficient poisoning attack targeting the dataset used to train a malware classifier.
As opposed to other poisoning attacks in the malware detection domain, our attack does not focus on malware families but rather on specific malware instances that contain an implanted trigger.
We propose a comprehensive detection approach that could serve as a future sophisticated defense against this newly discovered severe threat.
arXiv Detail & Related papers (2020-10-30T15:27:44Z)
- Cassandra: Detecting Trojaned Networks from Adversarial Perturbations [92.43879594465422]
In many cases, pre-trained models are sourced from vendors who may have disrupted the training pipeline to insert Trojan behaviors into the models.
We propose a method to verify if a pre-trained model is Trojaned or benign.
Our method captures fingerprints of neural networks in the form of adversarial perturbations learned from the network gradients.
arXiv Detail & Related papers (2020-07-28T19:00:40Z)