Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis

Ali Feizollah; Nor Badrul Anuar; Rosli Salleh; Fairuz Amalina

doi:10.1109/ISBAST.2014.7013120

Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis

Ali Feizollah, Nor Badrul Anuar, Rosli Salleh, Fairuz Amalina

Division of Dentistry (L5)

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

Abstract

This paper evaluates performance of two clustering algorithms, namely k-means and mini batch k-means, in the Android malware detection. Network traffic generated by the Android applications, normal and malicious, is analyzed for detection purpose. We have used MalGenome data sample for this work to build the dataset. We chose 800 samples out of 1260 Android malware samples. In addition, we collected numerous normal applications from the official Android market. The results show that mini batch k-means algorithm performs better than k-means algorithm in the Android malware detection.

Original language	English
Title of host publication	Proceedings - 2014 International Symposium On Biometrics And Security Technologies (ISBAST)
Publisher	IEEE
Pages	193-197
Number of pages	5
ISBN (Electronic)	9781479964444
ISBN (Print)	9781479964437
DOIs	https://doi.org/10.1109/ISBAST.2014.7013120
Publication status	Published - 19 Jan 2015
Event	2014 International Symposium On Biometrics And Security Technologies - Kuala Lumpur, Malaysia Duration: 26 Aug 2014 → 27 Aug 2014

Conference

Conference	2014 International Symposium On Biometrics And Security Technologies
Country/Territory	Malaysia
City	Kuala Lumpur
Period	26/08/14 → 27/08/14

Keywords

Android
clustering
dynamic analysis
malware

Access to Document

10.1109/ISBAST.2014.7013120

Cite this

@inproceedings{c8923988f67b4e56b62fafda50f52b1c,

title = "Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis",

abstract = "This paper evaluates performance of two clustering algorithms, namely k-means and mini batch k-means, in the Android malware detection. Network traffic generated by the Android applications, normal and malicious, is analyzed for detection purpose. We have used MalGenome data sample for this work to build the dataset. We chose 800 samples out of 1260 Android malware samples. In addition, we collected numerous normal applications from the official Android market. The results show that mini batch k-means algorithm performs better than k-means algorithm in the Android malware detection.",

keywords = "Android, clustering, dynamic analysis, malware",

author = "Ali Feizollah and Anuar, \{Nor Badrul\} and Rosli Salleh and Fairuz Amalina",

year = "2015",

month = jan,

day = "19",

doi = "10.1109/ISBAST.2014.7013120",

language = "English",

isbn = "9781479964437",

pages = "193--197",

booktitle = "Proceedings - 2014 International Symposium On Biometrics And Security Technologies (ISBAST)",

publisher = "IEEE",

address = "United States",

note = "2014 International Symposium On Biometrics And Security Technologies ; Conference date: 26-08-2014 Through 27-08-2014",

}

Feizollah, A, Anuar, NB, Salleh, R & Amalina, F 2015, Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis. in Proceedings - 2014 International Symposium On Biometrics And Security Technologies (ISBAST). IEEE, pp. 193-197, 2014 International Symposium On Biometrics And Security Technologies, Kuala Lumpur, Malaysia, 26/08/14. https://doi.org/10.1109/ISBAST.2014.7013120

Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis. / Feizollah, Ali; Anuar, Nor Badrul; Salleh, Rosli et al.
Proceedings - 2014 International Symposium On Biometrics And Security Technologies (ISBAST). IEEE, 2015. p. 193-197.

Research output: Chapter in Book/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis

AU - Feizollah, Ali

AU - Anuar, Nor Badrul

AU - Salleh, Rosli

AU - Amalina, Fairuz

PY - 2015/1/19

Y1 - 2015/1/19

N2 - This paper evaluates performance of two clustering algorithms, namely k-means and mini batch k-means, in the Android malware detection. Network traffic generated by the Android applications, normal and malicious, is analyzed for detection purpose. We have used MalGenome data sample for this work to build the dataset. We chose 800 samples out of 1260 Android malware samples. In addition, we collected numerous normal applications from the official Android market. The results show that mini batch k-means algorithm performs better than k-means algorithm in the Android malware detection.

AB - This paper evaluates performance of two clustering algorithms, namely k-means and mini batch k-means, in the Android malware detection. Network traffic generated by the Android applications, normal and malicious, is analyzed for detection purpose. We have used MalGenome data sample for this work to build the dataset. We chose 800 samples out of 1260 Android malware samples. In addition, we collected numerous normal applications from the official Android market. The results show that mini batch k-means algorithm performs better than k-means algorithm in the Android malware detection.

KW - Android

KW - clustering

KW - dynamic analysis

KW - malware

UR - https://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=pure_starter&SrcAuth=WosAPI&KeyUT=WOS:000380456400037&DestLinkType=FullRecord&DestApp=WOS_CPL

UR - https://www.scopus.com/pages/publications/84922762066

U2 - 10.1109/ISBAST.2014.7013120

DO - 10.1109/ISBAST.2014.7013120

M3 - Conference contribution

SN - 9781479964437

SP - 193

EP - 197

BT - Proceedings - 2014 International Symposium On Biometrics And Security Technologies (ISBAST)

PB - IEEE

T2 - 2014 International Symposium On Biometrics And Security Technologies

Y2 - 26 August 2014 through 27 August 2014

ER -

Comparative Study of K-means and Mini Batch K-means Clustering Algorithms in Android Malware Detection Using Network Traffic Analysis

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this