Machine learning aided Android malware classification

Nikola Milosevic, Ali Dehghantanha, Kim-Kwang Raymond Choo

    Research output: Contribution to journalArticlepeer-review

    453 Downloads (Pure)

    Abstract

    The widespread adoption of Android devices and their capability to access significant private and confidential information have resulted in these devices being targeted by malware developers. Existing Android malware analysis techniques can be broadly categorized into static and dynamic analysis. In this paper, we present two machine learning aided approaches for static analysis of Android malware. The first approach is based on permissions and the other is based on source code analysis utilizing a bag-of-words representation model. Our permission-based model is computationally inexpensive, and is implemented as the feature of OWASP Seraphimdroid Android app that can be obtained from Google Play Store. Our evaluations of both approaches indicate an F-score of 95.1% and F-measure of 89% for the source code-based classification and permission-based classification models, respectively.
    Original languageEnglish
    Number of pages9
    JournalComputers & Electrical Engineering: an international journal
    Early online date22 Feb 2017
    DOIs
    Publication statusPublished - Jul 2017

    Keywords

    • malware
    • android
    • static malware analysis
    • Machine learning

    Fingerprint

    Dive into the research topics of 'Machine learning aided Android malware classification'. Together they form a unique fingerprint.

    Cite this