Evaluation of Network Traffic Analysis Using Fuzzy C-Means Clustering Algorithm in Mobile Malware Detection

Ali Feizollah; Nor Badrul Anuar; Rosli Salleh

doi:10.1166/asl.2018.10660

Evaluation of Network Traffic Analysis Using Fuzzy C-Means Clustering Algorithm in Mobile Malware Detection

Ali Feizollah, Nor Badrul Anuar, Rosli Salleh

Division of Dentistry (L5)

Research output: Contribution to journal › Article › peer-review

Abstract

Due to widespread use of mobile devices and open source nature of Android operating system, such devices have been targeted by attackers. The Android malware steadily grow in number and complexity. This motivates researchers to develop detection methods. In this paper, we introduce the use of Fuzzy C-Means clustering in Android malware detection. We chose 800 malware samples and 100 clean applications, and collected generated network traffic. Selected features were extracted from the network traffic, and then used in Fuzzy C-Means clustering algorithm. The results show that this algorithm is capable of clustering our data into two groups of clean and malicious data. Furthermore, we validated our results by comparing them to our labelled dataset, which showed 13% discrepancy in results.

Original language	English
Pages (from-to)	929-932
Number of pages	4
Journal	Advanced Science Letters
Volume	24
Issue number	2
DOIs	https://doi.org/10.1166/asl.2018.10660
Publication status	Published - 15 Feb 2018

Keywords

Android Malware
Clustering
Fuzzy C-Means
Network Traffic

Access to Document

10.1166/asl.2018.10660

Cite this

@article{66bb1d4af6be4e269421bb2efc102b12,

title = "Evaluation of Network Traffic Analysis Using Fuzzy C-Means Clustering Algorithm in Mobile Malware Detection",

abstract = "Due to widespread use of mobile devices and open source nature of Android operating system, such devices have been targeted by attackers. The Android malware steadily grow in number and complexity. This motivates researchers to develop detection methods. In this paper, we introduce the use of Fuzzy C-Means clustering in Android malware detection. We chose 800 malware samples and 100 clean applications, and collected generated network traffic. Selected features were extracted from the network traffic, and then used in Fuzzy C-Means clustering algorithm. The results show that this algorithm is capable of clustering our data into two groups of clean and malicious data. Furthermore, we validated our results by comparing them to our labelled dataset, which showed 13\% discrepancy in results.",

keywords = "Android Malware, Clustering, Fuzzy C-Means, Network Traffic",

author = "Ali Feizollah and Anuar, \{Nor Badrul\} and Rosli Salleh",

year = "2018",

month = feb,

day = "15",

doi = "10.1166/asl.2018.10660",

language = "English",

volume = "24",

pages = "929--932",

journal = "Advanced Science Letters",

issn = "1936-6612",

publisher = "American Scientific Publishers",

number = "2",

}

TY - JOUR

T1 - Evaluation of Network Traffic Analysis Using Fuzzy C-Means Clustering Algorithm in Mobile Malware Detection

AU - Feizollah, Ali

AU - Anuar, Nor Badrul

AU - Salleh, Rosli

PY - 2018/2/15

Y1 - 2018/2/15

N2 - Due to widespread use of mobile devices and open source nature of Android operating system, such devices have been targeted by attackers. The Android malware steadily grow in number and complexity. This motivates researchers to develop detection methods. In this paper, we introduce the use of Fuzzy C-Means clustering in Android malware detection. We chose 800 malware samples and 100 clean applications, and collected generated network traffic. Selected features were extracted from the network traffic, and then used in Fuzzy C-Means clustering algorithm. The results show that this algorithm is capable of clustering our data into two groups of clean and malicious data. Furthermore, we validated our results by comparing them to our labelled dataset, which showed 13% discrepancy in results.

AB - Due to widespread use of mobile devices and open source nature of Android operating system, such devices have been targeted by attackers. The Android malware steadily grow in number and complexity. This motivates researchers to develop detection methods. In this paper, we introduce the use of Fuzzy C-Means clustering in Android malware detection. We chose 800 malware samples and 100 clean applications, and collected generated network traffic. Selected features were extracted from the network traffic, and then used in Fuzzy C-Means clustering algorithm. The results show that this algorithm is capable of clustering our data into two groups of clean and malicious data. Furthermore, we validated our results by comparing them to our labelled dataset, which showed 13% discrepancy in results.

KW - Android Malware

KW - Clustering

KW - Fuzzy C-Means

KW - Network Traffic

UR - https://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=pure_starter&SrcAuth=WosAPI&KeyUT=WOS:000432368000034&DestLinkType=FullRecord&DestApp=WOS_CPL

U2 - 10.1166/asl.2018.10660

DO - 10.1166/asl.2018.10660

M3 - Article

SN - 1936-6612

VL - 24

SP - 929

EP - 932

JO - Advanced Science Letters

JF - Advanced Science Letters

IS - 2

ER -

Evaluation of Network Traffic Analysis Using Fuzzy C-Means Clustering Algorithm in Mobile Malware Detection

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this