Ensemble Machine Learning Approach for Android Malware Classification Using Hybrid Features


Pektas A., ACARMAN T.

10th International Conference on Computer Recognition Systems (CORES), Polanica Zdroj, Poland, 22 - 24 May 2017, vol.578, pp.191-200

  • Publication Type: Conference Paper / Full Text Paper
  • Volume Number: 578
  • DOI Number: 10.1007/978-3-319-59162-9_20
  • City of Publication: Polanica Zdroj
  • Country of Publication: Poland
  • Pages: pp.191-200
  • Keywords: Malware, Classification, Feature, Ensemble machine learning
  • Galatasaray University Affiliated: Yes

Abstract

Feature-based learning plays a crucial role in building and sustaining security. Determining from its extracted features whether a piece of software is a benign or malign process, and in particular classifying it into the correct malware family, improves the security of the operating system and protects critical user information. In this paper, we present a novel hybrid feature-based classification system for Android malware samples. Static features, such as permissions requested by mobile applications and hidden payload, and dynamic features, such as API calls, installed services, and network connections, are extracted for classification. We apply machine learning and evaluate the classification accuracy of different classifiers by extracting Android malware features from a fairly large set of 3339 samples belonging to 20 malware families. The evaluation study was scalable with 5 guest machines and took 8 days of processing. The testing accuracy reaches 92%.