• Corpus ID: 4854705

Comparative evaluation of machine learning-based malware detection on Android

@inproceedings{Hahn2016ComparativeEO,
  title={Comparative evaluation of machine learning-based malware detection on Android},
  author={Sebastian Hahn and Mykola Protsenko and Tilo M{\"u}ller},
  booktitle={Sicherheit},
  year={2016}
}
The Android platform is known as the market leader for mobile devices, but it has also gained much attention among malware authors in recent years. The wide spread of malware, a consequence of its popularity and the design features of the Android ecosystem, constitutes a major security threat currently targeted by the research community. Among all counter methods proposed in previous publications, many rely on machine learning algorithms based on statically extracted attributes from an app…
A Review of Android Malware Detection Approaches Based on Machine Learning
TLDR
This paper presents a comprehensive survey of Android malware detection approaches based on machine learning and analyzes the research status from key perspectives such as sample acquisition, data preprocessing, feature selection, machine learning models, algorithms, and the evaluation of detection effectiveness.
An Android Malware Detection Leveraging Machine Learning
TLDR
The results prove the efficiency of permissions and the action repetition feature set and their influential roles in detecting malware in Android applications and show empirically very close accuracy results when using static, dynamic, and hybrid analyses.
Android mobile security by detecting and classification of malware based on permissions using machine learning algorithms
TLDR
The Naïve Bayes classifier performed best as far as model construction time is concerned, and the Multi-class classifier was found to outperform the other algorithms in terms of classification accuracy.
Android Malware Detection through Machine Learning Techniques: A Review
TLDR
This paper provided a comprehensive review of machine learning techniques and their applications in Android malware detection as found in contemporary literature.
Using Deep Neural Network for Android Malware Detection
TLDR
An Android malware detection system that applies deep learning techniques to face the threats of Android malware and reaches an accuracy of 95.31% is proposed.
Empirical Evaluation of a System Call-Based Android Malware Detector
TLDR
A non-signature-based malware detector that is not vulnerable to mimicry attacks and keeps the false alarm rate very low is proposed and has been validated for effectiveness and applicability.
Anomaly detection of android malware using One-Class K-Nearest Neighbours (OC-KNN)
TLDR
A normality model based on the One-Class K-Nearest Neighbour (OC-kNN) machine learning approach for anomaly detection of Android malware is developed, and it is concluded that a One-Class Classification model is an effective approach to be used for the detection of unknown Android malware.
An Empirical Comparison of Supervised Algorithms for Ransomware Identification on Network Traffic
TLDR
This paper compares empirically three supervised machine learning algorithms, in order to identify ransomware traffic based on Android mobile network traffic features, and shows that Random Forest achieved a 96% accuracy in classifying ransomware, higher than Decision Tree (DT) and K-Nearest Neighbor (KNN) approaches.
Intrusion Detection in IoT Systems Based on Deep Learning Using Convolutional Neural Network
TLDR
This paper proposes a new method of detecting intrusion for IoT systems based on deep learning using a convolutional neural network, which has an average accuracy of 98.9%.

References

SHOWING 1-10 OF 18 REFERENCES
Permission-Based Android Malware Detection
TLDR
The proposed framework intends to develop a machine learning-based malware detection system on Android to detect malware applications and to enhance security and privacy of smartphone users.
Enter Sandbox: Android Sandbox Comparison
TLDR
An overview of the state-of-the-art dynamic code analysis platforms for Android is given and a low level of diversity in analysis platforms resulting from code reuse that leaves the evaluated systems vulnerable to evasion is indicated.
Mobile malware detection using op-code frequency histograms
TLDR
A technique for discriminating Android malware from trusted applications that does not rely on signatures, but on identifying a vector of features obtained from the static analysis of Android's Dalvik code, is discussed.
PUMA: Permission Usage to Detect Malware in Android
TLDR
PUMA, a new method for detecting malicious Android applications through machine-learning techniques by analysing the extracted permissions from the application itself, is presented.
Using opcode-sequences to detect malicious Android applications
TLDR
This paper presents a feature based detection mechanism relying on opcode-sequences combined with machine learning techniques for feature based malware detection on the basis of a reference dataset and a wider sample of 40,000 applications retrieved from the Google Play Store.
Android malware classification method: Dalvik bytecode frequency analysis
TLDR
This paper proposes a method to classify malware families from known malware, as a pre-step of malware detection, based on applications' Bytecode that contains actual application behaviors.
Malware detection using statistical analysis of byte-level file content
TLDR
This paper proposes a novel malware detection technique which is based on the analysis of byte-level file content, which has the potential to detect previously unknown and zero-day malware.
Mobile-sandbox: having a deeper look into android applications
TLDR
Mobile-Sandbox is presented, a system designed to automatically analyze Android applications in two novel ways: it combines static and dynamic analysis, i.e., results of static analysis are used to guide dynamic analysis and extend coverage of executed code, and it uses specific techniques to log calls to native APIs.
Android: From Reversing to Decompilation
TLDR
This talk presents a new open-source tool (Androguard) written in Python (with some parts in C) which helps with the reversing of Android applications, as well as a new decompiler which uses only Dalvik bytecode to create an original Java source code.